Risk

The Log4j vulnerability is only the latest security flaw to have global impact, prompting the Biden administration and software developers to pledge to produce more secure software.

The next five years will bring the widespread use of hyperautomation in patch management. Part 3 of 3.

The reward is always front of mind, while the potential harm of giving out a phone number doesn't immediately reveal itself.

All the pen testing and tabletop exercises in the world won't help unless an organization has a complete and accurate understanding of its assets.

By combining risk-based vulnerability prioritization and automated patch intelligence, organizations can apply patches based on threat level. Part 2 of 3.

On a recent Friday night, three security experts got together to play custom games that explore attack risks in an engaging way.

New OT security platform directs attackers toward phony assets to deflect threats.

Advisory explains how to detect, respond to, and mitigate cyberattacks from Russian state-sponsored hacking groups.

Companies are more likely to rely on outside attorneys to handle cyber response in order to contain potential lawsuits. Meanwhile, cyber-insurance premiums are rising but covering less.

US cybersecurity services firm expands security services and network monitoring capabilities.

That announcement may feel good, but if your prospective acquisition's cybersecurity levels are substandard, it might be best to hold off.

A new study investigating consumer password use found 25% of online shoppers would abandon their carts of $100 if prompted to reset a password at checkout.

Data from dozens of penetration tests and security assessments suggest nearly every organization can be infiltrated by cyberattackers.

Security experts in Germany discover similar attacks that lock building engineering management firms out of the BASes they built and manage — by turning a security feature against them.

One leader alone can't protect an organization from cyber threats, C-suite leaders agree.