Security News

The majority of organizations are on the road to implementing a zero trust framework to increase their overall security risk posture, according to PlainID. However, only 50% said that authorization makes up their zero trust program - potentially exposing their infrastructure to threat actors. Historically, a zero trust framework was focused on solving the challenges associated with authentication, end point and network access security.

As a result, security is an afterthought, and any attempt to squeeze siloed security into agile SDLC can swell the cost of patching by 600%. A new cloud security operating model is long overdue. Stripping back to a system of low context may have drastically sped up the CI/CD pipeline, but this low-context approach is disappointing for any attempt to shift security to the left.

If you find the computer security guidelines you get at work confusing and not very useful, you’re not alone. A new study highlights a key problem with how these guidelines are created, and...

Harnessing the potential of automation in cybersecurity is key to maintaining a robust defense against ever-evolving threats. Still, this approach comes with its own unique challenges. In this...

Microsoft has released the optional KB5028244 Preview cumulative update for Windows 10 22H2 with 19 fixes or changes, including an update to the Vulnerable Driver Blocklist to block BYOVD attacks. [...]

Python security fixes often happen through "Silent" code commits, without an associated Common Vulnerabilities and Exposures identifier, according to a group of computer security researchers. In a preprint paper titled, "Exploring Security Commits in Python," Shiyu Sun, Shu Wang, Xinda Wang, Yunlong Xing, Kun Sun from George Mason University, and Elisa Zhang from Dougherty Valley High School, all in the United States, propose a remedy: a database of security commits called PySecDB to make Python code repairs more visible to the community.

Do we admit that a data breach has occurred or just call it a system glitch that caused some minor accidental data visibility? CISOs are tasked with crucial, timely decisions to avoid legal repercussions. Often the most underrated component of a security program, skilled people can be the most valuable security layer by far.

Despite increased cybersecurity discussions at the C-suite and boardroom level, a sharp juxtaposition has emerged between executives who believe that every security alert is being addressed and the teams on the ground addressing the alerts. 70% of executives believe that all alerts are being handled by their security team, while only 36% of front-line roles responsible for managing alerts agree.

Want a custom security dashboard to bring together data from multiple places? Microsoft Power BI can do that and help you spot what's changing. If the security tools you use don't have the right dashboards and reports to help you see at a glance what's going on with your systems, you can build them yourself in Power BI - and you don't need to be an expert in analytics to create something useful.

While technology advancements and distributed workforces have created efficiencies and flexibility for companies, they've also created overcomplexity, which can increase security risk. 53% of senior IT decision-makers say their IT environment is more complex than it was two years ago.