Risk

Announcing its exposure management platform, Tenable joins other companies in offering ways — such as attack surface management — to look at business networks through the eyes of attackers.

Another element of ML security is the data used to train the machine learning system itself.

Responding to cyberattacks is extraordinarily stressful, but better planning, frequent practice, and the availability of mental health services can help IR professionals, a survey finds.

While ransomware seems stalled, business email compromise (BEC) attacks continue to make profits from the ProxyShell and Log4j vulnerabilities, nearly doubling in the latest quarter.

Security service provider selects cybersecurity training platform to safeguard enterprises in LATAM.

Settling for 'satisfactory' level of readiness may underestimate growing levels of risk.

KnowBe4's Compliance Audit Readiness Assessment (CARA) now addresses select requirements from HIPAA Security Rule.

With provisional agreement reached on the Digital Operational Resilience Act, the clock is now ticking for banks and information and communications technology (ICT) services companies with European operations. Here's what you need to know.

Defend against phishing attacks with more than user training. Measure users' suspicion levels along with cognitive and behavioral factors, then build a risk index and use the information to better protect those who are most vulnerable.

Vulnerable configurations, software flaws, and exposed Web services allow hackers to find exploitable weaknesses in companies' perimeters in just hours, not days.

Why cyber teams are now front and center for business enablement within organizations, and the significant challenges they face.

Using its "Exmatter" tool to corrupt rather than encrypt files signals a new direction for financially motivated cybercrime activity, researchers say.

A crime syndicate based in Russia steals millions of dollars from credit card companies using fake dating and porn sites on hundreds of domains to rack up fraudulent charges.

Funding has been somewhat lower than last year, but investment remains healthy, analysts say, amid thirst for cloud security in particular.

Slack, Docker, Kubernetes, and other applications that allow developers to collaborate have become the latest vector for software supply chain attacks.