Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Security

Fidelis Elevate (XDR): A Proactive Way to Eliminate Blind Spots

The growing complexity of IT environments—across cloud, IoT, and hybrid settings—has ushered in new opportunities for innovation but also expanded the threat landscape for cyber vulnerabilities. These vulnerabilities, now known as blind spots, serve as areas within an organization’s security posture that are ignored or poorly monitored.

CyberArk + Wiz: Securing the Cloud, One Identity at a Time

Discover how CyberArk and Wiz are revolutionizing cloud security! In this exclusive interview with Information Security Media Group, CyberArk Chief Strategy Officer Clarence Hinton and Wiz Vice President of Product Extensibility & Partnerships Oron Noah discuss how their partnership addresses critical cloud challenges: Key Highlights: Watch now to explore how CyberArk and Wiz empower organizations to secure their cloud environments effortlessly!

Cloudflare Radar's 2024 Internet Year in Review

Explore the worldwide trends that shaped the Internet with Cloudflare Radar’s 2024 Internet Year in Review. Join Host João Tomé and Cloudflare Head of Data Insights, David Belson as they look at Internet trends and patterns across 2024. We also discuss Robotcop and how content creators can prevent bots and crawlers from scraping their sites using a button in the AI Audit section of the Cloudflare dashboard.

Cybersecurity in 2025: Converging Identities, Private AIs and Autonomous APTs

2024 has proved historic for technology and cybersecurity—and we still have some distance from the finish line. We’ve witnessed everything from advancements in artificial intelligence (AI) and large language models (LLMs) to brain-computer interfaces (BCIs) and humanoid robots. Alongside these innovations, new attack vectors like AI model jailbreaking and prompt hacking have emerged. And we also experienced the single largest IT outage the world has ever seen.

94% of U.K. Businesses Aren't Adequately Prepared for AI-Driven Phishing Scams

A new report makes it clear that U.K. organizations need to do more security awareness training to ensure their employees don’t fall victim to the evolving use of AI. Here at KnowBe4, we’ve long known that AI is going to be a growing problem, with phishing attacks and the social engineering they employ far more believable and effective.

Sophisticated Phishing Campaign Attempts to Bypass SEGs

A widespread phishing campaign is attempting to steal credentials from employees working at dozens of organizations around the world, according to researchers at Group-IB. The campaign has targeted organizations across twelve industries, including government, aerospace, finance, energy, telecommunications, and fashion. “The campaign begins with phishing links crafted to mimic trusted platforms commonly used for document management and electronic signatures, such as DocuSign,” Group-IB says.

Day in the Life of a CISO: Evaluating a Plugin Vendor

It’s mid-morning, and I’m making good progress when an email from a department head pops into my inbox. They’re thrilled about a new plugin that promises to streamline workflows for one of our most critical platforms. Naturally, they need me to sign off on the vendor’s security posture before they can move forward. I get it—business efficiency is important, but so is ensuring we don’t invite unnecessary risk into our environment.

Difference Between Supply Chain Detection & Response (SCDR) vs. Managed Detection and Response Services (MDR)

In today’s cybersecurity landscape, organizations face an ever-growing variety of threats, many of which originate from their supply chains. Traditional cybersecurity measures like Managed Detection and Response (MDR) have been widely adopted, but newer, more advanced approaches like Supply Chain Detection and Response (SCDR) are redefining how businesses tackle external risks.

A Day in the Life of a CISO: An Employee Email Discovered in a Password Dump

The notification lands in my SecurityScorecard dashboard just as I’m wrapping up a meeting. An employee’s email address has shown up in a password dump on a dark web monitoring feed. Another day, another reminder of why cybersecurity is a full-contact sport.

IAM vs PAM: What's the Difference?

The main difference between Identity and Access Management (IAM) and Privileged Access Management (PAM) is that IAM manages who has access to which resources, while PAM secures access to sensitive information. IAM involves solely user identities, and PAM falls under the umbrella of IAM by monitoring user identities with access to privileged data. Continue reading to learn more about IAM and PAM, their key differences and when to implement them in your organization.