Risk Management articles

Join us for the fascinating story of how researchers in the UK and the US challenged received wisdom, and discovered how to share encryption keys securely, even with people you’ve never met.

Data breaches are at an all-time high, with the number of breaches almost doubling from 2022 to 2023. Most recently, CBS reported on a massive data breach that could likely contain the social security numbers (SSNs) of every US citizen. It’s a major leak of personally identifiable information (PII) and only adds to the amount of sensitive data, such as passwords and addresses, that has been leaked over the last decade. Although it’s easy to think that leaked PII in […]

Romance scams often lead to victim blaming. What can we do to avoid them, and to keep our own vulnerable friends and family safe?

The cybersecurity vendor market is quite complicated and it’s easy to get lost in the acronym soup. Whether it’s to make their product sound different or just the proclivity of the tech industry to abbreviate everything, it can be incredibly challenging for non-security people to understand what’s important and what isn’t. Making matters worse, many of the services overlap, meaning that you can invest in two “different” services or platforms and end up getting the same thing in both. One […]

Startup valuations are the scoreboard of success, and the podium for winners is Unicorn Status—when a company reaches a valuation of $1 billion. Achieving unicorn status is the dream of any startup, and it typically signals the startup’s strong potential to either go through an IPO or become acquired by a larger firm in an M&A deal. A start-up achieves unicorn status if: Unfortunately, because it might have vulnerabilities that more established, public companies don’t, achieving unicorn status also puts […]

What if we look beyond cybersecurity automation and algorithms?

What if we start out with a focus on cybersecurity culture, not on rules and rote?

Has encryption given us a false sense of security by luring us into assuming that if our data is safe a lot of the time, we can act as though it is safe all of the time?

What if we all adopted a cybersecurity culture anchored in value and quality, instead of a race-to-the-bottom predicated on cheapness and quantity?

Enterprises are juicy cyberattack targets for several reasons. They provide an enormous quantity of user data that hackers can exfiltrate; and, equally important, enterprises have the budget to pay large sums in ransomware attacks. Additionally, many enterprises deal with government contracts and house sensitive information that hostile nations are interested in. Enterprise security monitoring is essential when the stakes are this high. Let’s dive into what those stakes are, and how security monitoring can help. How can enterprise security monitoring […]

AI has exploded in the last two years, both in public adoption and in company valuations. So far in 2024, the AI sector has the highest valuations of any sector, even beating fintech, one of the most innovative and investment-heavy sectors around. The first six months of 2024 saw 13 new unicorns—a company valued at $1 billion or more—in the AI sector. New generative AI (gen AI) tools have improved the mainstream visibility of AI. Tools such as ChatGPT and […]

What if we all adopted a cybersecurity culture anchored in value and quality, instead of a race-to-the-bottom predicated on cheapness and quantity?

Some cybercriminals don’t probe your network to unleash a ransomware attack. Some of them just want login secrets to sell on for the next wave of cybercriminality.

Vulnerability management is an essential element of every cybersecurity plan. It involves the ongoing monitoring of a company’s digital footprint to find and fix any vulnerabilities in devices, systems, and applications that bad actors could exploit. It decreases a company’s risk exposure and is a proactive way of ensuring threat actors can’t gain access to a company’s private data. It’s also a huge undertaking. Many applications, including those that are cloud-based, that companies use need to be checked and patched […]

All the cybersecurity experts and vendors in the world failed to stop the SolarWinds attack. It’s often the fluency and completeness of how you respond to the news that really matters…