Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Featured Post

The Expiring Trust Model: CISOs Must Rethink PKI in the Era of Short-Lived Certificates and Machine Identity

A silent and significant shift is occurring in the security foundation of the modern enterprise. It's not a new malware strain or a novel zero-day exploit, it is the digital certificate that so many organizations have relied on for decades as a critical element of trust and security in digital communications.

A CISO's guide to post-quantum readiness: How to build crypto agility now

The quantum threat isn’t theoretical—it’s operational. Quantum computing is rapidly shifting from research to reality, forcing chief information security officers (CISOs) to rethink cryptography, risk management and long-term data protection. In a previous post, I explained the quantum challenge. Recently, we explored why quantum readiness is not optional. Now, it’s time for action.

EP 13 - Pizza parties and profit margins: The business of cybercrime

Cybercriminals today operate more like startups than stereotypes—complete with org charts, sprint cycles, and pizza parties to celebrate successful breaches. In this episode of Security Matters, host David Puner talks with former CISO and U.S. Air Force veteran Ian Schneller about the evolving sophistication of threat actors and what it takes to stay ahead.

How to translate CVSS scores into financial impact: A CISO's risk quantification guide

In this article Chief Information Security Officers (CISOs) face the daunting task of balancing technical cybersecurity risks with the financial realities of their organization. One critical component in this balancing act is the use of vulnerability scoring systems, in particular, the CVSS score. This article provides a detailed guide on how to translate CVSS scores into tangible financial impact estimates using proven methods of risk quantification.

CISOs: Your Blind Spot Just Became Their Entry Point

As CISOs, you’ve invested heavily in desktop security, built out Zero Trust architectures, and hardened your perimeter. But there’s a critical gap many are still leaving exposed: mobile devices and the human behind the screen. In a world where your workforce runs on smartphones, overlooking mobile security is no longer an option.

EP 12 - From assumptions to accountability: A CISO's take on cloud risk

What does “secure by default” really mean—and is it enough? In this episode of CyberArk’s Security Matters, host David Puner sits down with Scott Barronton, Chief Information Security Officer (CISO) at Diebold Nixdorf, to explore the often-overlooked risks of cloud default settings and how assumptions can lead to vulnerabilities.

EP 12 - From assumptions to accountability: A CISO's take on cloud risk

What does "secure by default" really mean—and is it enough? In this episode of CyberArk’s Security Matters, host David Puner sits down with Scott Barronton, Chief Information Security Officer (CISO) at Diebold Nixdorf, to explore the often-overlooked risks of cloud default settings and how assumptions can lead to vulnerabilities.

Ep 3: CISOs hate their security tools

Sumo Logic’s 2025 Security Operations Insights report surveyed 500 IT and security leaders from enterprise organizations to uncover what’s really happening inside today’s SOCs. Join security experts Adam White, David Girvin, and Zoe Hawkins as they break down the top findings from the report and shed light on what every analyst and CISO has felt for years: the system needs a reset.