Microsoft 365 Empowers Business Users to Shoot Themselves in the Foot

Microsoft 365 Empowers Business Users to Shoot Themselves in the Foot

Citizen development allows users to design creative solutions for immediate problems, but it requires training and oversight to avoid security holes.

August 29, 2022

Citizen development allows users to design creative solutions for immediate problems, but it requires training and oversight to avoid security holes.

by Michael Bargury, CTO & Co-Founder, Zenity

August 29, 2022

6 min read

Article

Nearly 3 Years Later, SolarWinds CISO Shares 3 Lessons From the Infamous Attack

SolarWinds CISO Tim Brown explains how organizations can prepare for eventualities like the nation-state attack on his company’s software.

August 24, 2022

SolarWinds CISO Tim Brown explains how organizations can prepare for eventualities like the nation-state attack on his company’s software.

by Kolawole Samuel Adebayo, Contributing Writer

August 24, 2022

5 min read

Article

Meta Takes Offensive Posture With Privacy Red Team

Engineering manager Scott Tenaglia describes how Meta extended the security red team model to aggressively protect data privacy.

August 23, 2022

Engineering manager Scott Tenaglia describes how Meta extended the security red team model to aggressively protect data privacy.

by Jeffrey Schwartz, Contributing Writer, Dark Reading

August 23, 2022

6 min read

Article

Expiring Root Certificates Threaten IoT in the Enterprise

What happens when businesses’ smart devices break? CSOs have things to fix beyond security holes.

August 22, 2022

What happens when businesses’ smart devices break? CSOs have things to fix beyond security holes.

by Julianne Pepitone, Contributing Writer

August 22, 2022

6 min read

Article

NIST Weighs in on AI Risk

NIST is developing the AI Risk Management Framework and a companion playbook to help organizations navigate algorithmic bias and risk.

August 20, 2022

NIST is developing the AI Risk Management Framework and a companion playbook to help organizations navigate algorithmic bias and risk.

by Edge Editors, Dark Reading

August 20, 2022

3 min read

Article

Thoma Bravo Closes $6.9B Acquisition of Identity-Security Vendor SailPoint

All-cash transaction deal that was first announced in April means SailPoint is no longer a publicly traded company.

August 17, 2022

All-cash transaction deal that was first announced in April means SailPoint is no longer a publicly traded company.

by Dark Reading Staff, Dark Reading

August 17, 2022

1 min read

Article

Cybercriminals Weaponizing Ransomware Data for BEC Attacks

Attacked once, victimized multiple times: Data marketplaces are making it easier for threat actors to find and use data exfiltrated during ransomware attacks in follow-up attacks.

August 12, 2022

Attacked once, victimized multiple times: Data marketplaces are making it easier for threat actors to find and use data exfiltrated during ransomware attacks in follow-up attacks.

by Edge Editors, Dark Reading

August 12, 2022

3 min read

Article

Looking Back at 25 Years of Black Hat

The Black Hat USA conference’s silver jubilee is an opportunity to remember its defining moments, the impact it has made on the security community, and its legacy.

August 10, 2022

The Black Hat USA conference’s silver jubilee is an opportunity to remember its defining moments, the impact it has made on the security community, and its legacy.

by Andrada Fiscutean, Contributing Writer, Dark Reading

August 10, 2022

9 min read

Article

Don’t Take the Cyber Safety Review Board’s Log4j Report at Face Value

Given the lack of reporting requirements, the findings are more like assumptions. Here’s what organizations can do to minimize exposure.

August 09, 2022

Given the lack of reporting requirements, the findings are more like assumptions. Here’s what organizations can do to minimize exposure.

by Matt Chiodi, Chief Trust Officer, Cerby

August 09, 2022

5 min read

Article

What Adjustable Dumbbells Can Teach Us About Risk Management

A new workout leads to five smart lessons about the importance of converging security and fraud into a unified risk function.

August 08, 2022

A new workout leads to five smart lessons about the importance of converging security and fraud into a unified risk function.

by Joshua Goldfarb, Fraud Solutions Architect - EMEA and APCJ, F5

August 08, 2022

5 min read

Article

Name That Edge Toon: Up a Tree

Come up with a clever caption, and our panel of experts will reward the winner with a $25 Amazon gift card.

August 01, 2022

Come up with a clever caption, and our panel of experts will reward the winner with a $25 Amazon gift card.

by John Klossner, Cartoonist

August 01, 2022

1 min read

Article

Overcoming the Fail-to-Challenge Vulnerability With a Friendly Face

Ahead of their Black Hat USA talk in August, Simon Pavitt and Stephen Dewsnip explain the value of helping people practice cyber defense via a “malicious floorwalker” exercise.

July 27, 2022

Ahead of their Black Hat USA talk in August, Simon Pavitt and Stephen Dewsnip explain the value of helping people practice cyber defense via a “malicious floorwalker” exercise.

by Karen Spiegelman, Features Editor

July 27, 2022

6 min read

Article

Why Layer 8 Is Great

To help discern legitimate traffic from fraud, it helps to understand user intent as shown through their behavior.

July 25, 2022

To help discern legitimate traffic from fraud, it helps to understand user intent as shown through their behavior.

by Joshua Goldfarb, Fraud Solutions Architect - EMEA and APCJ, F5

July 25, 2022

4 min read

Article

Understanding Proposed SEC Rules Through an ESG Lens

Cyber threats are putting environmental, social, and governance discussions at the forefront of board meetings and C-suite discussions around the globe.

July 22, 2022

Cyber threats are putting environmental, social, and governance discussions at the forefront of board meetings and C-suite discussions around the globe.

by Stephen Lawton, Contributing Writer

July 22, 2022

5 min read

Article

Equitable Digital Identity Verification Requires Moving Past Flawed Legacy Systems

Data science can be used to improve access to government assistance while reducing fraud.

July 21, 2022

Data science can be used to improve access to government assistance while reducing fraud.

by Jordan Burris, Senior Director of Product Market Strategy for the Public Sector, Socure

July 21, 2022

5 min read

Article