Category Archives: security standard

Setting a security standard: From vulnerability to exposure management

Posted on by

Vulnerability management has been the standard approach to fending off cyber threats for years. Still, it falls short by focusing on a limited number of vulnerabilities, often resolving only 1% to 20% of issues. In 2024, with the average data breach co… Continue reading Setting a security standard: From vulnerability to exposure management

How open-source MDM solutions simplify cross-platform device management

Posted on by

In this Help Net Security interview, Mike McNeil, CEO at Fleet, talks about the security risks posed by unmanaged mobile devices and how mobile device management (MDM) solutions help address them. He also discusses employee resistance to MDM and how op… Continue reading How open-source MDM solutions simplify cross-platform device management

How NIS2 will impact sectors from healthcare to energy

Posted on by

In this Help Net Security interview, Mick Baccio, Global Security Advisor at Splunk SURGe, discusses the far-reaching implications of the NIS2 Directive beyond traditional IT security. He explains how NIS2 will fundamentally change cybersecurity govern… Continue reading How NIS2 will impact sectors from healthcare to energy

How to make Infrastructure as Code secure by default

Posted on by

Infrastructure as Code (IaC) has become a widely adopted practice in modern DevOps, automating the management and provisioning of technology infrastructure through machine-readable definition files. What can we to do make IaC secure by default? Securit… Continue reading How to make Infrastructure as Code secure by default

NIS2: A catalyst for cybersecurity innovation or just another box-ticking exercise?

Posted on by

The Network and Information Security (NIS) 2 Directive is possibly one of the most significant pieces of cybersecurity regulation to ever hit Europe. The 27 EU Member States have until 17 October 2024 to adopt and publish the standards necessary to com… Continue reading NIS2: A catalyst for cybersecurity innovation or just another box-ticking exercise?

Breaking down FCC’s proposal to strengthen BGP security

Posted on by

In this Help Net Security interview, Doug Madory, Director of Internet Analysis at Kentik, discusses the FCC’s proposal requiring major U.S. ISPs to implement RPKI Route Origin Validation (ROV), and addresses concerns about the impact on smaller ISPs a… Continue reading Breaking down FCC’s proposal to strengthen BGP security

10 cybersecurity frameworks you need to know about

Posted on by

As cyber threats grow more sophisticated, understanding and implementing robust cybersecurity frameworks is crucial for organizations of all sizes. This article lists the most essential cybersecurity frameworks developed to guide businesses and governm… Continue reading 10 cybersecurity frameworks you need to know about

Modeling organizations’ defensive mechanisms with MITRE D3FEND

Posted on by

Funded by the National Security Agency, MITRE’s D3FEND framework is helping to provide standardization, specificity, and repeatability needed by cybersecurity engineers. As the framework moves from the beta version to version 1.0 in 2024, we asked D3FE… Continue reading Modeling organizations’ defensive mechanisms with MITRE D3FEND

Strengthening travel safety protocols with ISO 31030

Posted on by

In this Help Net Security video, Tracy Reinhold, Chief Security Officer at Everbridge, talks about ISO 31030, the officially recognized International Standard for travel risk management, guiding how to manage risks to organizations and travelers. The g… Continue reading Strengthening travel safety protocols with ISO 31030