Dark Reading

Mobile Application Security: 2021's Breaches

01/04/2022
Many of last year's largest app breaches could have been prevented with testing, training, and the will to take app security seriously.

Vinnie Liu Has a Mission: Keeping People Safe Online and Offline

01/04/2022
Security Pro File: The years at the National Security Agency shaped Vinnie Liu's views on security. "We're missionaries, not mercenaries," he says.

Why CIOs Should Report to CISOs

01/04/2022
If the CISO is responsible for the security of the organization, then that same person also should be responsible for both security and IT infrastructure.

Log4j Remediation Rules Now Available for WhiteSource Renovate and Enterprise

01/04/2022
The Software Composition Analysis leader now offers a remediation preset for WhiteSource Renovate and Enterprise, enabling users to identify and fix the Log4j vulnerability from hundreds of downstream dependent packages of Log4j.

Palo Alto Networks Appoints Helmut Reisinger to Leadership Team

01/04/2022
Reisinger joins as CEO, EMEA and Latin America, to accelerate global growth strategy.

CISOs Plan What to Buy With Funds From the Infrastructure Bill

01/03/2022
CISOs welcome the cybersecurity funding allocated under the Infrastructure Investment and Jobs Act, but say it’s not perfect because it doesn't address a key issue: people.

Florida's Broward Health Confirms October 2021 Breach

01/03/2022
The Oct. 15 breach compromised personal medical information, including history, condition, diagnosis, and medical record number.

Pathr.ai Reaffirms Position as Privacy-Centric Solution for Retailers with Spatial Intelligence Platform

01/03/2022
Pathr.ai’s Spatial Intelligence technology is used to improve business outcomes in a variety of retail use cases.

Log4j Highlights Need for Better Handle on Software Dependencies

01/03/2022
Security pros say the Log4j vulnerability is another warning call for enterprises to get more disciplined when keeping track of software bills of materials.

Name That Edge Toon: In Your Face!

01/03/2022
Come up with a clever caption, and our panel of experts will reward the winner with a $25 Amazon gift card.

Creating the Next Generation of Secure Developers

01/03/2022
Helping management prioritize developer education is a tall order, but it's one the industry must figure out.

Adding Resiliency to BGP Avoids Network Outages, Data Loss

12/31/2021
Cisco Umbrella has mechanisms in place to ensure that end users don't lose connectivity even if ISPs and service providers experience outages.

Getting Started With Threat-Informed Security Programs

12/30/2021
Security leaders need to examine their business model, document risks, and develop a strategic plan to address those risks.

Zero Trust and Access: Protecting the Keys to the Kingdom

12/30/2021
Zero trust moves the control pane closer to the defended asset and attempts to tightly direct access and privileges.

In the Fight Against Cybercrime, Takedowns Are Only Temporary

12/30/2021
Disrupting access to servers and infrastructure continues to interfere with cybercrime activity, but it's far from a perfect strategy.

Why Cyber Due Diligence Is Essential to the M&A Process

12/29/2021
That announcement may feel good, but if your prospective acquisition's cybersecurity levels are substandard, it might be best to hold off.

7 Steps for Navigating a Zero-Trust Journey

12/29/2021
Don't think of zero trust as a product. Think of it as "how you actually practice security."

How Do I Reduce the Risk of An Insider Threat?

12/27/2021
The principle of least level of access gives employees just the privileges they need to do their jobs. Limiting what an employee can do is a core tenet of Zero Trust.

The CISO as Sustaining Force: Helping Infosec Staff Beat Burnout

12/27/2021
To protect their staffers, leaders should focus on identifying and alleviating root causes of burnout.

6 Security-Tech Innovations We're Excited to See in 2022

12/27/2021
The details on cybersecurity technologies that we expect to advance rapidly in the coming year.