Guardians Of the Grid
The surge in cyberattacks and the emerging role of Generative AI. The importance of cyber security tools in protecting sensitive information, sustaining organization’s resilience and enabling business continuity during hostile…
Category: Cyber Defense Magazine
Exploring CVSS 4.0’s Impact on Vulnerability and Threat Management
The Common Vulnerability Scoring System (CVSS) offers a standardized framework for characterizing and scoring vulnerabilities, helping the effort for vulnerability risk assessment. The release of CVSS 4.0 in November 2023 marked a…
Four Steps Security Teams Can Take to Unlock Resources In Budget-Constrained Environments
Imagine walking into a board meeting with a tool that shows your board exactly how protected the organization is, based on the investment they have allowed you to make. Or,…
Fortifying The Links
In today’s hyper-connected world, supply chains are the lifeblood of industries, spanning across continents and involving numerous third-party vendors. While this interconnectedness brings unparalleled efficiency and opportunities for growth, it…
The Key to AI-Enabled Multi-Coalition Warfare
In February, the top artificial intelligence (AI) official at the Department of Defense (DoD) laid out his vision for AI-enabled warfare. “Imagine a world where combatant commanders can see everything they…
The Role of AI in Evolving Cybersecurity Attacks
In the ever-expanding digital landscape, cybersecurity remains a critical concern for individuals, businesses, and governments alike. As technology advances, so do the tactics of cybercriminals. One of the most significant…
The Fundamental Components to Achieving Shift-Left Success
“Shift-left” is a familiar concept to CISOs and security practitioners across the globe. A term coined to promote the integration of security practices earlier in the software development lifecycle (SDLC)…
AT&T Breach 2024: Customer Data Exposed in Massive Cyber Attack
In a shocking breach of customer privacy, AT&T said in April 2024 that almost all of the data of its cell customers had been stolen. Records of most of AT&T’s…
How To Navigate Certification Authority Distrust: Preventing Critical Incidents by Switching To A New Vendor
In the ever-evolving landscape of digital security, maintaining trust is paramount. When a Certification Authority (CA) is no longer trusted by browsers like Google, as was demonstrated on June 27th, it…
Protect SAP Supply Chains by Preventing Cyber Attacks
Highly advanced and extremely dangerous cyberattacks are targeting SAP (from the company originally called “System Analysis Program” Development) software supply chains with an alarming increase in frequency. By taking advantage…
The Traditional Advocates of the Security Perimeter Don’t Want You to Know about Data-Centric Security
In an era defined by continuous media announcements of organizations that have suffered both government and private data breaches and thefts, the security of this invaluable asset has never been…
Is Platform Engineering a Step Towards Better Governed DevOps?
Since 2010, Puppet’s annual State of DevOps Report has tracked trends in IT, including security and, more recently, the growth of platform engineering. 2024’s edition, which includes the results of a survey…
Russia, Apple, And the New Front Line in The Fight for Internet Freedom
Russia’s reputation for suppressing internet freedom and free expression is well documented. VPNs have long had a contentious relationship with the Russian state, and in recent years they have been…
Best Practices for Effective Privileged Access Management (PAM)
Privileged accounts are highly coveted targets for malicious attackers due to the extensive access they provide. According to the 2024 Verizon Data Breach Investigation Report, nearly 40% of data breaches…
Securing the OT Stage: NIS2, CRA, and IEC62443 Take Center Spotlight
In the dynamic landscape of Operational Technology (OT), robust cybersecurity measures are paramount. As the digital transformation accelerates, protecting critical infrastructure becomes more challenging. Fortunately, three key standards—NIS2, CRA, and…
The Urgent Need for Data Minimization Standards
A central principle in many data protection laws around the globe is data minimization. But we are currently facing a serious issue: we don’t have legal clarity on what exactly…
Four Ways to Harden Your Code Against Security Vulnerabilities and Weaknesses
The specter of security vulnerabilities is a constant concern in today’s digital landscape. They’re the hidden pitfalls that can undermine even the most meticulously crafted code. But what if you…
Is There a DDoS Attack Ceiling?
Today, it’s rare for a month to pass without reports of new distributed denial-of-service (DDoS) attacks. Lately, geopolitical instability and hacktivist groups (e.g., Anonymous Sudan and NoName057(16)) have driven attacks, and these types of attacks…
Ditch The Cloud Security Labels to Nail Detection and Response
Today’s cloud security categories don’t do practitioners any favors when it comes to identifying the key requirements for detection and response in the cloud. This is because various detection and…
Cybersecurity At the Crossroads: The Role Of Private Companies In Safeguarding U.S. Critical Infrastructure
In an era where we are completely reliant on digital connectivity, the security of our critical infrastructure is paramount. CISA defines 16 sectors of US critical infrastructure; each unique and yet…