Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Configuration drift isn’t just “change.” It’s unmanaged change. Let's get practical about how teams should actually measure drift: ⇢ What type of change occurred⇢ How often those changes happen⇢ How critical they are in real context⇢ And—most importantly—how teams respond Volume alone isn’t the metric that matters. If changes pile up without response, alerts get ignored—and drift quietly becomes exposure.

As we slowly settle into the new rhythms of 2026, we are reminded that security starts with people The focus should always be on "bringing people along, not just implementing technology" to help keep our organizations future-ready.

Gold Blade doesn’t send phishing emails. Instead, they weaponize resumes and slip past defenses through legit recruitment sites. Sophos threat researcher Morgan Demboski breaks down their stealthy tactics.

The Asymmetric Threat: Why AI API Traffic is Hard to Predict As AI becomes more integrated into business operations, the way data moves through APIs is changing. In this clip from the A10 Networks webinar, "APIs are the Language of AI: Protecting Them is Critical," experts Jamison Utter and Carlo Alpuerto break down the concept of data asymmetry in AI.

Is your organization treating access reviews as a checkbox exercise — or a business enabler? In the full video, CyberArk’s Deepak Taneja explains why access reviews are becoming a critical pillar of identity security and zero trust — and how automation is reshaping their value across the business. Watch the full interview to learn why a compliance-only mindset creates risk, how organizations are modernizing access reviews, and what it takes to shift from audit task to strategic advantage.

Short-lived certificates outpace manual renewal. Automate discovery, policy, and renewal with CyberArk Certificate Manager.

Vulnerability management identifies weaknesses. Exposure management helps prioritize them based on real-world risk and context. Ed and Garrett unpack why traditional vulnerability programs struggle to drive real risk reduction. The challenge isn’t discovery. It’s prioritization and follow-through. Too often, vulnerabilities are treated as isolated IT tasks—handed off, tracked by SLAs, and stripped of the context that explains why they matter in the first place.

Ever feel like your online activity is a little too visible? A VPN might be the privacy boost you need. It encrypts your connection, hides your IP, and helps keep your data safer—especially on public Wi-Fi.

Are your cybersecurity skills ready for the AI era? In this clip, we reveal which traditional security frameworks still work and the one new mental shift you need to survive. It’s not just about code anymore—it’s about "Socio-Technical" thinking. Raji (Microsoft AI Security) breaks down exactly how to future-proof your career.

Real-Time Defense Against AI-Driven Account Takeover: How Memcyco Protects Organizations and Their Customers Memcyco recently featured in an ITSP Magazine podcast episode snippet, which this post is based on. You can listen to the full feature here. Our thanks go to the podcasters for having our CEO, Israel Mazin, on with them.