Security Wire Daily News

The DOGE effect on security is a complex issue. Pursuit of efficiency might be a legitimate goal, but experts caution it can conflict with cybersecurity defenses.

Compliance automation, also known as automated compliance, is the practice of using technology -- such as applications with AI features -- to perform and simplify compliance procedures.

In this webinar, part of 'CISO Insights' series, cybersecurity experts debate the pros and cons of the Department of Government Efficiency's actions and the impact on their field.

Explore risk maturity models and assessment tools for enhancing enterprise risk management. Improve ERM programs to mitigate risk and gain a competitive edge.

Triple extortion ransomware is a type of ransomware attack in which a cybercriminal extorts their victim multiple times -- namely by encrypting data, exposing exfiltrated data and then threatening an additional third attack vector.

Foreign adversaries now infiltrate rival nation resources by using cyberattackers to pose as remote workers. Learn how to protect your organization with tips from this CISO.

Fourth-party risk management (FPRM) is the process of identifying, assessing and mitigating risks that originate from the subcontractors and service providers that an organization's third-party vendors use.

Ransomware locks an organization out of its data or digital services until it pays up. To minimize attacks, businesses can enhance security, train employees and back up data.

Security for information technology (IT) refers to the methods, tools and personnel used to defend an organization's digital assets.

Many users perform work tasks on their iPhones, relying on mobile VPNs to securely access corporate resources. Learn about VPN options for iPhones and how to set up these systems.

Application security teams are understandably worried about how developers use GenAI and LLMs to create code. But it's not all doom and gloom; GenAI can help secure code, too.

Knowing the types of risks businesses commonly face and their applicability to your company is a first step toward effective risk management.

Double extortion ransomware is a type of cyberattack that encrypts a victim's data, like in a traditional ransomware attack, while also adding a second attack vector of stealing that data.

Windows Hello allows desktop admins to manage local Windows authentication with new tools, but the difference between the free and business versions is critical for IT to know.

FileZilla is a free, open source file transfer protocol (FTP) application that enables users to transfer files between local devices and remote servers.

Risk appetite and risk tolerance are related, but they don’t mean the same thing. Not knowing the difference can cause big problems for your risk management program.

Red Hat Ansible and HashiCorp reps filled in the blanks about how infrastructure automation tools will more deeply integrate, news welcomed by financial services customers.

A passkey is an alternative user authentication method that eliminates the need for usernames and passwords.

Amazon, Microsoft, Google, Oracle and cloud-agnostic vendors offer cloud key management services. Read up on what each offers and how to choose the right KMS for your company.

Corporate boards must play an increasingly active role in overseeing cybersecurity strategies. Here's what they need to know, from SEC disclosure requirements to best practices.