Collaborate Disseminate
CrowdStrike has released a preliminary Post Incident Review (PIR) of how the flawed Falcon Sensor update made its way to millions of Windows systems and pushed them into a “Blue Screen of Death” loop. The PIR is a bit confusing to read and parse, becau… Continue reading Learning from CrowdStrike’s quality assurance failures
Somewhere, right now, a CISO is in a boardroom making their best case for stronger identity threat detection and response (ITDR) initiatives to lower the risk of intrusion. For a good reason, too: Look no further than the Change Healthcare breach, wher… Continue reading How CISOs enable ITDR approach through the principle of least privilege
As organizations increasingly adopt third-party AI tools to streamline operations and gain a competitive edge, they also invite a host of new risks. Many companies are unprepared, lacking clear policies and adequate employee training to mitigate these … Continue reading The CISO’s approach to AI: Balancing transformation with trust
As GenAI models used for natural language processing, image generation, and other complex tasks often rely on large datasets that must be transmitted between distributed locations, including data centers and edge devices, WAN optimization is essential … Continue reading GenAI network acceleration requires prior WAN optimization
Aided by the emergence of generative artificial intelligence models, synthetic identity fraud has skyrocketed, and now accounts for a staggering 85% of all identity fraud cases. For security professionals, the challenge lies in staying one step ahead o… Continue reading Fighting AI-powered synthetic ID fraud with AI
It’s been less than 18 months since the public introduction of ChatGPT, which gained 100 million users in less than two months. Given the hype, you would expect enterprise adoption of generative AI to be significant, but it’s been slower than many expe… Continue reading ChatGPTriage: How can CISOs see and control employees’ AI use?
The hype surrounding unmanaged and exposed non-human identities (NHIs), or machine-to-machine credentials – such as service accounts, system accounts, certificates and API keys – has recently skyrocketed. A steady stream of NHI-related brea… Continue reading Risk related to non-human identities: Believe the hype, reject the FUD
Most organizations focus on securing routers, servers, firewalls, and other endpoints, but threats can also arise from unfamiliar sources such as third-party networks, which can be used by hackers to attack an organization. Through a strong TPRM framew… Continue reading How to design a third-party risk management framework
With terms like “AI washing” making their way into mainstream business consciousness, the hype surrounding AI is making it harder to differentiate between the true applications and empty promises of the technology. The quest for tangible business benef… Continue reading How AI helps decode cybercriminal strategies
Technologies such as GenAI, ML and IoT are giving threat actors new tools that make it easier to target consumers and organizations. From Savvy Seahorse which lures victims into investment scams, to a self-replicating AI worm that uses the likes of Cha… Continue reading Diversifying cyber teams to tackle complex threats