Tag: strategy
-
Human-Centered Leadership Strengthens OT Security
OTsec Canada Chairman on Balancing Wellness, Collaboration and Compliance. Organizations defending critical infrastructure must shift from compliance-focused strategies to holistic resilience. Ahead of the OTsec Canada Summit, Énergir CISO Martin Laberge outlines why people-first leadership and national coordination are essential for OT security resilience. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/human-centered-leadership-strengthens-ot-security-a-29886
-
RISK IDENT kommentiert die EU-Verordnung zu Instant Payments – Verification of Payee (VoP)
Die Einführung von VoP ist der richtige Anlass, die eigene Anti-Betrugs-Strategie ganzheitlich zu überprüfen und zu stärken. Statt sich nur auf die Erfüllung der regulatorischen Vorgabe zu konzentrieren First seen on infopoint-security.de Jump to article: www.infopoint-security.de/risk-ident-kommentiert-die-eu-verordnung-zu-instant-payments/a42567/
-
RISK IDENT kommentiert die EU-Verordnung zu Instant Payments – Verification of Payee (VoP)
Die Einführung von VoP ist der richtige Anlass, die eigene Anti-Betrugs-Strategie ganzheitlich zu überprüfen und zu stärken. Statt sich nur auf die Erfüllung der regulatorischen Vorgabe zu konzentrieren First seen on infopoint-security.de Jump to article: www.infopoint-security.de/risk-ident-kommentiert-die-eu-verordnung-zu-instant-payments/a42567/
-
NDSS 2025 Revealing The Black Box Of Device Search Engine Session 1B: Internet Security
Tags: access, conference, framework, Internet, malicious, mitigation, network, privacy, risk, service, strategy, technology, tool, vulnerabilityAuthors, Creators & Presenters: Mengying Wu (Fudan University), Geng Hong (Fudan University), Jinsong Chen (Fudan University), Qi Liu (Fudan University), Shujun Tang (QI-ANXIN Technology Research Institute; Tsinghua University), Youhao Li (QI-ANXIN Technology Research Institute), Baojun Liu (Tsinghua University), Haixin Duan (Tsinghua University; Quancheng Laboratory), Min Yang (Fudan University) PAPER Revealing the Black Box of Device…
-
What is a Passkey for Mobile Devices?
Explore passkeys for mobile devices: what they are, how they work, their security advantages, and implementation strategies for developers. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/10/what-is-a-passkey-for-mobile-devices/
-
Cybersecurity on a budget: Strategies for an economic downturn
This blog offers practical strategies, creative defenses, and talent management advice to help your business stay secure when every dollar counts. First seen on blog.talosintelligence.com Jump to article: blog.talosintelligence.com/cybersecurity-on-a-budget-strategies-for-an-economic-downturn/
-
Cybersecurity on a budget: Strategies for an economic downturn
This blog offers practical strategies, creative defenses, and talent management advice to help your business stay secure when every dollar counts. First seen on blog.talosintelligence.com Jump to article: blog.talosintelligence.com/cybersecurity-on-a-budget-strategies-for-an-economic-downturn/
-
Top 7 agentic AI use cases for cybersecurity
Tags: access, ai, attack, authentication, ceo, cyber, cybersecurity, data, detection, fraud, identity, infrastructure, jobs, mitigation, monitoring, office, phishing, resilience, risk, scam, service, soc, strategy, technology, threat, tool, vulnerability, zero-trust2. Security operations center support: Security operations centers (SOCs) are a great use case for agentic AI because they serve as the frontline for detecting and responding to threats, says Naresh Persaud, principal, cyber risk services, at Deloitte.With thousands of incidents to triage daily, SOCs are experiencing mounting alert fatigue. “Analysts can spend an average…
-
Top 7 agentic AI use cases for cybersecurity
Tags: access, ai, attack, authentication, ceo, cyber, cybersecurity, data, detection, fraud, identity, infrastructure, jobs, mitigation, monitoring, office, phishing, resilience, risk, scam, service, soc, strategy, technology, threat, tool, vulnerability, zero-trust2. Security operations center support: Security operations centers (SOCs) are a great use case for agentic AI because they serve as the frontline for detecting and responding to threats, says Naresh Persaud, principal, cyber risk services, at Deloitte.With thousands of incidents to triage daily, SOCs are experiencing mounting alert fatigue. “Analysts can spend an average…
-
NDSS 2025 Secure IP Address Allocation At Cloud Scale Session 1B: Internet Security
Authors, Creators & Presenters: Eric Pauley (University of Wisconsin–Madison), Kyle Domico (University of Wisconsin–Madison), Blaine Hoak (University of Wisconsin–Madison), Ryan Sheatsley (University of Wisconsin–Madison), Quinn Burke (University of Wisconsin–Madison), Yohan Beugin (University of Wisconsin–Madison), Engin Kirda (Northeastern University), Patrick McDaniel (University of Wisconsin–Madison) PAPER Secure IP Address Allocation at Cloud Scale Public clouds necessitate dynamic…
-
NDSS 2025 Secure IP Address Allocation At Cloud Scale Session 1B: Internet Security
Authors, Creators & Presenters: Eric Pauley (University of Wisconsin–Madison), Kyle Domico (University of Wisconsin–Madison), Blaine Hoak (University of Wisconsin–Madison), Ryan Sheatsley (University of Wisconsin–Madison), Quinn Burke (University of Wisconsin–Madison), Yohan Beugin (University of Wisconsin–Madison), Engin Kirda (Northeastern University), Patrick McDaniel (University of Wisconsin–Madison) PAPER Secure IP Address Allocation at Cloud Scale Public clouds necessitate dynamic…
-
Security for AI: A Practical Guide to Enforcing Your AI Acceptable Use Policy
Tags: access, ai, awareness, best-practice, business, chatgpt, compliance, control, corporate, data, data-breach, disinformation, finance, governance, government, guide, intelligence, LLM, malicious, monitoring, openai, privacy, regulation, risk, service, strategy, technology, threat, tool, training, update, vulnerabilityAn AI acceptable use policy can help your organization mitigate the risk of employees accidentally exposing sensitive data to public AI tools. Benchmark your organization’s policy against our best practices and discover how prompt-level visibility from Tenable AI Exposure eases policy enforcement. Key takeaways: An AI acceptable use policy governs the appropriate use of generative…
-
NDSS 2025 CHAOS: Exploiting Station Time Synchronization in 802.11 Networks
Session 1A: WiFi and Bluetooth Security Authors, Creators & Presenters: Sirus Shahini (University of Utah), Robert Ricci (University of Utah) PAPER CHAOS: Exploiting Station Time Synchronization in 802.11 Networks Many locations, especially in urban areas, are quite noisy with WiFi traffic. In addition to data traffic, WiFi stations send management and control frames that can…
-
NDSS 2025 CHAOS: Exploiting Station Time Synchronization in 802.11 Networks
Session 1A: WiFi and Bluetooth Security Authors, Creators & Presenters: Sirus Shahini (University of Utah), Robert Ricci (University of Utah) PAPER CHAOS: Exploiting Station Time Synchronization in 802.11 Networks Many locations, especially in urban areas, are quite noisy with WiFi traffic. In addition to data traffic, WiFi stations send management and control frames that can…
-
Step aside, SOC. It’s time to ROC
Tags: attack, breach, business, communications, corporate, cyber, cybersecurity, data, defense, exploit, finance, framework, government, infrastructure, insurance, intelligence, military, monitoring, network, resilience, risk, risk-assessment, soc, strategy, threat, vpn, vulnerability, zero-dayWhat is a ROC?: At its core, the Resilience Risk Operations Center (ROC) is a proactive intelligence hub. Think of it as a fusion center in which cyber, business and financial risk come together to form one clear picture.While the idea of a ROC isn’t entirely new, versions of it have existed across government and…
-
Step aside, SOC. It’s time to ROC
Tags: attack, breach, business, communications, corporate, cyber, cybersecurity, data, defense, exploit, finance, framework, government, infrastructure, insurance, intelligence, military, monitoring, network, resilience, risk, risk-assessment, soc, strategy, threat, vpn, vulnerability, zero-dayWhat is a ROC?: At its core, the Resilience Risk Operations Center (ROC) is a proactive intelligence hub. Think of it as a fusion center in which cyber, business and financial risk come together to form one clear picture.While the idea of a ROC isn’t entirely new, versions of it have existed across government and…
-
New GhostGrab Android Malware Silently Steals Banking Login Details and Intercept SMS for OTPs
A sophisticated new Android malware family called GhostGrab is actively targeting mobile users with a dual-monetization strategy that combines covert cryptocurrency mining with comprehensive financial data theft. GhostGrab functions as a multifaceted threat that systematically harvests banking credentials, debit card details, personal identification information, and one-time passwords through SMS interception. According to analysis by CYFIRMA,…
-
BlueNoroff Shifts Tactics: Targets C-Suite and Managers with New Infiltration Methods
The North Korean-linked threat group BlueNoroff, also known by aliases including Sapphire Sleet, APT38, and Alluring Pisces, continues to evolve its attack tactics while maintaining its primary focus on financial gain. The group has shifted its strategy to employ sophisticated new infiltration methods targeting high-value victims including C-level executives, managers, and blockchain developers within the…
-
When Chatbots Go Rogue: Securing Conversational AI in Cyber Defense
Tags: ai, authentication, best-practice, compliance, cyber, data, encryption, privacy, risk, risk-management, strategy, vulnerabilityAs businesses increasingly rely on AI chatbots, securing conversational AI is now mission-critical. Learn about common chatbot vulnerabilities, AI risk management strategies, and best practices, from data encryption and authentication to model protection, to safeguard user trust, privacy, and compliance in the digital era. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/10/when-chatbots-go-rogue-securing-conversational-ai-in-cyber-defense/
-
Is it Time to Put Your SIEM on a Diet?
As data volumes and alert fatigue overwhelm traditional SIEM systems, security leaders are rethinking their approach. Discover strategies to streamline your SIEM, reduce costs, and improve threat detection efficiency through smarter data ingestion, AI-driven analytics, and cloud-native security architectures. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/10/is-it-time-to-put-your-siem-on-a-diet/
-
Innovative Strategies for NHI Security
How Secure Are Your Non-Human Identities in the Cloud? Where technology continuously evolves, how confident are you in your Non-Human Identities (NHIs) within cloud environments? These NHIs, essentially machine identities, serve as critical components in modern cybersecurity frameworks. Their management is pivotal for securing sensitive assets and ensuring operational integrity across various sectors. From financial……
-
T.H.E. Journal: The Hidden Cyber Risk in Schools
This article was originally published in T.H.E. Journal on 10/22/25 by Charlie Sander. Printers may not be glamorous, but they are an often-overlooked attack vector that should be part of every district’s cybersecurity strategy Cyber attacks are hitting K12 schools with alarming regularity. From mid-2023 through 2024, more than four out of five reporting districts faced some…
-
How to Take Vulnerability Management to the Next Level and Supercharge Your Career
Tags: access, ai, attack, authentication, awareness, business, ciso, cloud, compliance, cve, cvss, cybersecurity, data, exploit, flaw, framework, governance, identity, metric, mfa, risk, skills, strategy, technology, tool, update, vulnerability, vulnerability-managementAt Tenable, we believe the next generation of great CISOs and security leaders will arise from those vulnerability management professionals who are driving the shift to exposure management today. Key takeaways: Vulnerability management is crucial for the evolution toward a more strategic, business-aligned approach to cybersecurity, that’s why these professionals are best positioned to lead…
-
Qilin Targets Windows Hosts With Linux-Based Ransomware
The attack by the one of the most impactful RaaS groups active today demonstrates an evasion strategy that can stump defenses not equipped to detect cross-platform threats. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/qilin-targets-windows-hosts-linux-based-ransomware
-
Understanding the Concept of Enterprise IAM
Demystifying Enterprise IAM: Learn the core concepts, benefits, and implementation strategies for effective identity and access management in your organization. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/10/understanding-the-concept-of-enterprise-iam/
-
Data sovereignty proof: How to verify controls like ‘Project Texas’
“Verification regimes work best when they serve everyone’s interests. The reporting company wants a process that does not impose too many burdens or interrupt workflow while allowing it to demonstrate compliance. Oversight bodies want hard data that is difficult to fake and indicates adherence to the regime. Finally, these systems need to be simple enough…
-
Data sovereignty proof: How to verify controls like ‘Project Texas’
“Verification regimes work best when they serve everyone’s interests. The reporting company wants a process that does not impose too many burdens or interrupt workflow while allowing it to demonstrate compliance. Oversight bodies want hard data that is difficult to fake and indicates adherence to the regime. Finally, these systems need to be simple enough…
-
The 10 biggest issues CISOs and cyber teams face today
Tags: ai, attack, awareness, breach, business, ceo, ciso, computing, crime, cyber, cyberattack, cybersecurity, data, deep-fake, defense, email, encryption, exploit, finance, fraud, governance, group, hacker, international, mitigation, organized, phishing, ransom, risk, scam, service, strategy, supply-chain, technology, threat, tool, training, usa, vulnerability2. Escalating, and accelerating, AI-enabled attacks: A 2025 survey from Boston Consulting Group found that 80% of CISOs worldwide cited AI-powered cyberattacks as their top concern, a 19-point increase from the previous year. A 2025 survey from Darktrace, a security technology firm, found that 78% of CISOs reported a significant impact from AI-driven threats, up…