The power of passive OS fingerprinting for accurate IoT device identification

The number of IoT devices in enterprise networks and across the internet is projected to reach 29 billion by the year 2030. This exponential growth has inadvertently increased the attack surface. Each interconnected device can potentially create new av…

Is the new OWASP API Top 10 helpful to defenders?

The OWASP Foundation’s Top Ten lists have helped defenders focus their efforts with respect to specific technologies and the OWASP API (Application Programming Interface) Security Top 10 2023 is no exception. First drafted five years ago and updated th…

Is the cybersecurity community’s obsession with compliance counter-productive?

Does anyone think the chances of surviving a plane crash increase if our tray tables are locked and our carry-on bags are completely stowed under our seats? That we’ll be OK if the plane hits a mountain if we have our seat belts buckled securely across…

Uncovering a privacy-preserving approach to machine learning

In the era of data-driven decision making, businesses are harnessing the power of machine learning (ML) to unlock valuable insights, gain operational efficiencies, and solidify competitive advantage. Although recent developments in generative artificia…

Cybersecurity insurance is missing the risk

Cybersecurity insurance is a rapidly growing market, swelling from approximately $13B in 2022 to an estimated $84B in 2030 (26% CAGR), but insurers are struggling with quantifying the potential risks of offering this type of insurance. The traditional …

Does a secure coding training platform really work?

As security vulnerabilities are reported to you time and again, you may ask yourself: “Why don’t these developers learn the lesson?” The next thing you may think is: “We should train developers, so they stop making these mistakes.” For many years…

IT’s rising role in physical security technology

As the adoption of cloud-based and mobile-access security systems continues to increase among both new and established businesses, the lines between traditional physical security personnel and IT staff are beginning to blur. Traditionally, the common a…

How EU lawmakers can make mandatory vulnerability disclosure responsible

There is a standard playbook and best practice for when an organization discovers or is notified about a software vulnerability: The organization works quickly to fix the problem and, once a fix is available, discloses that vulnerability for the benefi…

4 ways simulation training alleviates team burnout

Burnout is endemic in the cybersecurity industry, damaging the mental and physical health of cyber professionals and leaving organizations underskilled, understaffed, and overexposed to cyber risk as security leaders and team members leave for more pro…

Why the “voluntary AI commitments” extracted by the White House are nowhere near enough

Representatives from Amazon, Anthropic, Google, Inflection, Meta, Microsoft, and OpenAI recently convened at the White House for a meeting with President Biden with the stated mission of “ensuring the responsible development and distribution of artific…