Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Cybercriminals today operate more like startups than stereotypes—complete with org charts, sprint cycles, and pizza parties to celebrate successful breaches. In this episode of Security Matters, host David Puner talks with former CISO and U.S. Air Force veteran Ian Schneller about the evolving sophistication of threat actors and what it takes to stay ahead.

Phishing attacks are cyberattacks where hackers use deceptive tactics to hack into user accounts to conduct fraud, scams, data breaches, identity theft, and more attacks.

For every enterprise CISO in the world right now, the burning question isn’t about cloud, TPRM, or internal threats. It’s about how to securely and responsibly adopt AI—specifically, agentic AI, the buzziest of today’s AI buzzwords. There’s no shortage of stats on skyrocketing adoption trends. Consider EY’s recent Technology Pulse Poll, which found that half of tech leaders have at least begun deploying agentic AI within their organizations.

Managing users in Atlassian Crowd often feels like walking a tightrope. You’re expected to ensure seamless access for every team member, revoke access the moment someone leaves, manage directory syncs, assign and revoke group permissions, and keep everything audit-ready at all times. And while Crowd gives you a central place to manage users across Jira, Confluence, Bitbucket, and more, it still largely demands manual efforts from admins.

Want to know how to secure a website the right way? Follow 16 expert tips from miniOrange using SSO, 2FA, and MFA to lock down every layer of your site.

‘Plague’ represents a newly identified Linux backdoor that has quietly evaded detection by traditional antivirus solutions for over a year. Its primary mechanism involves operating as a malicious PAM, allowing attackers to silently bypass system authentication and establish persistent SSH access to compromised Linux systems.

As ransomware strains hospital operations and supply‑chain attacks target energy grids, Australia’s public and regulated sectors need proven cyber resilience. At the heart of most breaches lie human error and weak identity controls, making the Infosec Registered Assessors Program (IRAP) assessment program the gold standard for moving sensitive workloads to the cloud.

Short-lived credentials reduce exposure – but they aren’t secure by default. Here’s what ephemeral identity gets right, and where it can fail.

AI agents are on the rise. They can spin up, act independently, use tools, and make decisions—often without real-time human oversight. They promise incredible productivity but also introduce new risks and challenges that can’t be ignored. As these agents become more autonomous and integrated into enterprise operations, they blur the lines between human and machine responsibilities. This raises critical questions: How do we ensure they act ethically?