The Identity Security Mirage: Unveiling the Hidden Risks in Your Digital Infrastructure
In today’s rapidly evolving digital landscape, organizations are increasingly reliant on complex networks of identities to power their operations. From human users to non-human accounts, such as service accounts, APIs,…
SEC Cybersecurity Disclosure Rules – Are CISOs Ready to Go Beyond the Tip of the Iceberg?
It’s been more than six months since the SEC’s updated Cybersecurity Disclosure rules came into force. These rules represent a sea change for CISOs; both in terms of the burden…
The First 10 Days of a vCISO’S Journey with a New Client
“In a quaint village nestled between rolling hills and dense forests, a young apprentice named Eli was learning to throw pottery from a master potter. On the first day by…
Lockin Company’s Approach to Zero Trust Security and Rising Phishing Threats with its security software LIAPP, LIKEY, and LISS
LIAPP (Lockin App Protector) is an integrated mobile app security service developed by Lockin Company, a Korean-based security company dedicated to mobile apps protection, that protects over 2,000 apps worldwide….
What CIRCIA Means for Critical Infrastructure Providers and How Breach and Attack Simulation Can Help
On July 3rd the period for public comment closed for the U.S. Cybersecurity and Infrastructure Security Agency’s proposed Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA) reporting rules…
Cybersecurity In Critical Infrastructure: Protecting Power Grids and Smart Grids
Correction (August 2025): An earlier version of this article stated that Florida municipal power agencies were targeted in June 2021 using phishing and remote vulnerabilities. This statement could not be substantiated…
The Perils of Settling: Why ‘Good Enough’ Fails in Modern Cybersecurity
Introduction: In an era where digital innovation advances rapidly and cyber threats evolve just as quickly, it is crucial for organizations to reassess their security strategies. There is a growing…
Protecting Against Malicious Open Source Packages
What Works and What Doesn’t A software package is the dream of reusability made possible. Individual developers and organizations of all kinds contributed software components to public repositories, in standardized…
Innovator Spotlight: HUMAN
During my conversation with Lindsay Kaye, VP of Threat Intelligence at HUMAN Security, she emphasized how HUMAN tackles some of the most complex and overlooked threats in today’s digital landscape….
Innovator Spotlight: Salt Security
In a world where APIs have become integral to the digital and technical experience, they also represent a significant security risk, often flying under the radar of traditional security solutions….
Innovator Spotlight: Tanium
During my conversation with Melissa Bischoping, Senior Director of Security & Product Design Research at Tanium, she emphasized how the company addresses the critical challenge of operational risk and security…
Innovator Spotlight: Lineaje
Attending Black Hat 2024 with Cyber Defense Magazine is always an enlightening experience, giving me the opportunity to interview several industry leaders who are paving the way of cybersecurity innovation. …