All Articles

In today’s rapidly evolving digital economy, the demand for robust cybersecurity measures is more critical than ever. Senior cybersecurity officers and Chief Information Security Officers (CISOs) face the dual challenge of defending their organizatio

As artificial intelligence (AI) capabilities advance, cyber attackers and defenders are entering a high-stakes arms race. Dark AI—malicious applications of AI for offensive purposes—leverages automation, precision, and adaptability to bypass traditio

Automated penetration testing uses specialized software to emulate cyberattacks on your IT systems. This helps find vulnerabilities before attackers do. It’s essential for strengthening your cybersecurity strategy through continuous and efficient ass

We are hosting an exclusive CISO Platform Talks session on Evaluating AI Solutions in Cybersecurity: Understanding the "Real" vs. the "Hype" featuring Hilal Ahmad Lone, CISO, Razorpay and Manoj Kuruvanthody, CISO & DPO, Tredence Inc.

In the evolving

CISA has raised the alarm about, the recently discovered CVE-2024-5910 in Palo Alto Networks’ Expedition tool. This vulnerability is being actively exploited, leaving organizations scrambling to secure their systems before attackers take advantage.

B

We had a community session on "Offensive Security: Breach Stories to Defense Using Offense" with Saravanakumar Ramaiah, (Director - Technology Risk Management, Sutherland) and Rajiv Nandwani (Global Information Security Director, BCG).

In this discus

I didn’t see much visibility on this DocuSign hack. This is a situation where the product features were not vetted to understand if they could be misused by malicious fraudsters. There is not a technical vulnerability, it comes down to a design weakn

I’m thrilled to join the incredible team at The Cyber Express as a member of their Editorial Advisory Board! It’s an honor to collaborate with an esteemed group of cybersecurity experts, all dedicated to delivering accurate, timely, and valuable insi

In the evolving landscape of cybersecurity, protecting sensitive customer data is paramount, especially when it comes to payment information. One innovation that has gained traction in recent years is the dynamic CVV (Card Verification Value). For Ch

𝗜𝗺𝗽𝗹𝗲𝗺𝗲𝗻𝘁 𝗗𝘆𝗻𝗮𝗺𝗶𝗰 𝗖𝗩𝗩𝘀
𝘈𝘵𝘵𝘦𝘯𝘵𝘪𝘰𝘯 𝘙𝘉𝘐: The Future of Secure Banking is Here –

In today’s digital-first world, credit and debit card frauds pose significant challenges to both consumers and financial institutions. As card transactions grow, so do the ris

A “Perfect” 10 vulnerability score is not what users of Cisco Ultra-Reliable Wireless Backhaul (URWB) systems were expecting. The recently discovered cybersecurity vulnerability CVE-2024–20418 is remote, easy, and gives full Admin rights to the devi

I had a tremendous time at the InCyber Montreal forum. The speakers, panels, fellow practitioners, and events were outstanding!

I bumped into Dan Lohrmann and Nancy Rainosek before their panel with Sue McCauley on CISO challenges. We had some very int

Why spend the time, money, and resources on a security metrics program anyway? This section will review the Benefits of a Security Metrics Program 

A Lesson for Security Metrics from the Traffic Safety Industry 

Starting and maintaining an security

Why SEBI’s New Guidelines Make Automated Red Teaming Essential for Security Teams

When was the last time you looked at your organization’s security as if you were the one trying to break in? SEBI’s recent guidelines on cybersecurity call for exactly

We are hosting an exclusive CISO Platform Talks session on "Offensive Security: Breach Stories to Defense Using Offense" featuring Saravanakumar Ramaiah, Director - Technology Risk Management, Sutherland and Rajiv Nandwani, Global Information Securit

This is an interesting tactic by cyber attackers — using virtual machine hard drive files to bypass email malware filters!

Never underestimate the creativity and resourcefulness of intelligent adversaries in finding ways to leverage technology for the

The SEC has fined four major companies for materially misleading investors regarding cyberattacks.

Tech in Trouble

Regulatory actions have been brought against Unisys, Avaya, Check Point, and Mimecast for their purposeful decisions to not clearly infor

It is good to see US government leaders realize that ransomware is a growing existential threat to our country, at the hands of our adversaries.

A top US national cybersecurity advisor stated in a recent op-ed, “This is a troubling practice that must

Secureworks released a report detailing how North Korean attackers are targeting western countries with a new tactic. Attackers are fraudulently obtaining positions so they can victimize the employer!

I predict we will see more of these types of attac

There are big predators in our digital world. In recent keynotes I have been talking about the big 4 aggressive nation states and how they are heavily investing in offensive cyber capabilities that trickles down to everyday cybercriminals.  

Cybersec