Security You Should Know

All links and images can be found on CISO Series.

Most data breaches don't happen because attackers are geniuses. They happen because organizations give too much access to too many people for far to…

All links and images can be found on CISO Series.

In this episode, Simone Rapizzi, CSO at RedCarbon, explains how their AI-powered platform uses specialized models to automate threat detection and re…

In this episode, Matt Hillary, CISO at Drata, explains how their AI-native trust management platform addresses these challenges by automating evidence collection from integrated systems and reducing …

SIEM costs are spiraling out of control for organizations. Increasing log volumes, longer compliance-driven retention requirements, and the habit of collecting everything "just in case," the list goe…

All links and images can be found on CISO Series

Security awareness is critical to cultivate in your organization. But security awareness training can often miss the mark. Traditional training is s…

All links and images can be found on CISO Series.

Wire fraud and payment security remain persistent challenges for organizations, with the FBI reporting a 33% increase in BEC losses between 2023 and…

Implmenting new technologies for the business is already a daunting task. Cloud and SaaS have made some of the implementation easier, but it also makes it easier to not fully comprehend the risks yo…

Security orchestration sounds great in theory, but in practice, coordinating between different security tools remains a headache. As workflows need to move faster to keep pace with AI-driven attacks…

All links and information can be found on CISO Series.

DLP can be a bit of a four-letter word in cybersecurity. False positives are a major problem with any traditional DLP solution because setting…

Managing risk is the name of the game for a CISO. Quantification is a major part of that job, but it doesn't end there. Without a means of communicating that quantification to the rest of the busine…

Security teams today are expected to manage two fronts—building and maintaining proactive defenses, and staying ready to respond at any moment to threats that slip through. But unless someone active…

Large language models are most useful to your business when they have access to your data. But these models also overshare by default, providing need-to-know information without sophisticated access …

Unauthorized site access remains a significant security concern for organizations. But why does this issue persist, and how can it be effectively addressed?

In this episode, Rob Allen, chief produ…

Linux is the backbone of critical infrastructure, yet it often flies under the radar when it comes to endpoint monitoring. From legacy servers to embedded systems, Linux devices are frequently unpro…

For years, patch management has been treated as a solved problem—until reality strikes. Outdated applications, portable executables, patch conflicts, and shadow software leave organizations unknowin…

Automated attacks are growing in speed and sophistication, far outpacing the human defenses most organizations rely on. Whether it’s credential stuffing, scraping, or denial-of-wallet attacks, bots …

Managing privileged access across a sprawling IT environment remains one of cybersecurity’s toughest balancing acts. Admin privileges are often granted too broadly and retained for too long, opening…

Security operations centers (SOCs) are drowning in alerts, forcing analysts to waste time chasing down false positives while real threats slip through. The problem isn’t just efficiency—it’s burnout…

Securing endpoints is a persistent challenge, especially in a hybrid working environment. The human factor is an unavoidable element with endpoint security, which means you have to be ready for a lot…

Customer security reviews often miss their mark, leaving organizations scrambling to compensate with extensive questionnaires that divert attention away from genuine risk management. The inconsistenc…