Security News

Women in Cybersecurity: ISC2 Survey Shows Pay Gap and Benefits of Inclusive Teams
2024-04-25 14:00

Only 17% of respondents to the ISC2 Cybersecurity Workforce Study were women, showing a continued struggle for workplaces to recruit and retain women in this industry. Notably, women reported more women on their teams: 30% of women said there were other women on their teams, as opposed to 22% of men.

Shouldn't Teams, Zoom, Slack all interoperate securely for the Feds? Wyden is asking
2024-04-24 19:43

Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.

Cloud Console Cartographer: Open-source tool helps security teams transcribe log activity
2024-04-22 04:30

Cloud Console Cartographer is an open-source tool that maps noisy log activity into highly consolidated, succinct events to help security practitioners cut through the noise and understand console behavior in their environment. "Infrastructure as code has replaced a lot of the need for console access for many organizations, but there are still plenty of instances where the console is still being used, and in some cases, you need to use the AWS console to perform certain actions. Cloud Console Cartographer cuts through the noise generated in logs by those console sessions," Daniel Bohannon, Permiso's Principal Threat Researcher, told Help Net Security.

GenAI: A New Headache for SaaS Security Teams
2024-04-17 11:07

The introduction of Open AI’s ChatGPT was a defining moment for the software industry, touching off a GenAI race with its November 2022 release. SaaS vendors are now rushing to upgrade tools with...

4 Best Open Source Password Managers for Teams in 2024
2024-04-11 11:16

Open source password managers make their code accessible to the public, allowing users to customize the software to suit their needs. With that, I've created a list of the best open source password managers for teams and businesses.

Human risk is the top cyber threat for IT teams
2024-04-03 03:30

After another year rife with cybercrime, IT and cyber leaders are confronted with a new reality. AI and deepfakes can trick even the most well-trained employee, and executing a strong cyber defense is more important than ever.

Rust developers at Google are twice as productive as C++ teams
2024-03-31 16:33

Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.

Security best practices for GRC teams
2024-03-20 04:30

Even with the best-of-the-best tools and tech stack monitoring vulnerabilities, every security executive and GRC leader should still have some layer of paranoia. In this Help Net Security video, Shrav Mehta, CEO at Secureframe, talks about security best practices for GRC teams, highlights areas that security learners should pay close attention to, and discusses how security leaders can automate specific processes.

Infosec teams must be allowed to fail, argues Gartner
2024-03-18 07:29

In their keynote at the firm's Security & Risk Management Summit in Sydney, Australia, today, VP analyst Mixter and director analyst Xiu argued that no amount of effort can prevent infosec incidents, and the quality of organizations' response is a more appropriate measure of an infosec team's effectiveness than expecting they will never fail to fend off the never-ending torrent of attacks. "Adrenalin does not scale," Xiu told the event - a reference to the practice of infosec teams responding to incidents by attacking them without a rehearsed plan.

How teams can improve incident recovery time to minimize damages
2024-03-14 04:30

With breach recovery costs skyrocketing, speeding time to recovery to minimize downtime and losses should be top of mind for security leaders. Most focus on adding more prevention and detection tools.