Risk management

A successful risk management plan helps enterprises identify, plan for and mitigate potential risks. Learn about the components of risk management programs, including penetration tests, vulnerability and risk assessments, frameworks, security awareness training and more.

August 18, 2022 18 Aug'22
Russian cyber attacks on Ukraine driven by government groups

Researchers with Trustwave say the cyber attacks against Ukraine are not the work of enlisted private hacking groups but Russian government intelligence agencies.
August 16, 2022 16 Aug'22
For cyber insurance, some technology leads to higher premiums

Though cyber insurance demand is exceeding supply and companies might receive less coverage with higher premiums, experts say there are ways enterprises can reduce risk.
August 16, 2022 16 Aug'22
Zero Day Initiative seeing an increase in failed patches

In a Q&A with TechTarget Editorial, Trend Micro Zero Day Initiative's Brian Gorenc and Dustin Childs discuss incomplete patches and the value of personal researcher relations.
August 11, 2022 11 Aug'22
Researchers reveal Kubernetes security holes, prevention

Researchers with Palo Alto Networks took the stage at Black Hat to explain how configurations and system privileges in Kubernetes clusters can allow container escape and takeover.

Bring yourself up to speed with our introductory content

cyber attack

A cyber attack is any attempt to gain unauthorized access to a computer, computing system or computer network with the intent to cause damage. Continue Reading
Why security chaos engineering works, and how to do it right

While 'chaos' doesn't sound like something software security managers would want, chaos engineering has an enticing amount of value when it comes to identifying potential threats. Continue Reading
How to create a threat profile, with template

Read five key steps on how to create a threat profile, and get started making them customized to your organization with our free template. Continue Reading

Weigh the pros and cons of technologies, products and projects you are considering.

5 reasons to integrate ESG and cybersecurity

Every business faces global systemic risks, yet most have failed to integrate cybersecurity with ESG programs. Here are five reasons why integration makes good business sense. Continue Reading
5 data security challenges enterprises face today

Data empowers enterprises to succeed. But with great power comes great responsibility -- to keep that data secure. Here are five challenges today's businesses must meet. Continue Reading
Cybersecurity lessons learned from COVID-19 pandemic

Cybersecurity lessons companies learn from the COVID-19 pandemic include having work-from-home preparations and developing disaster recovery and business continuity plans. Continue Reading

Learn to apply best practices and optimize your operations.

Cybersecurity governance: A path to cyber maturity

Organizations need cybersecurity governance programs that make every employee aware of the cybersecurity mitigation efforts required to reduce cyber-risks. Continue Reading
How to ensure a secure metaverse in your organization

Before deploying your company's metaverse, follow these practices -- including inventorying vulnerabilities and developing T&Cs -- to proactively address metaverse security issues. Continue Reading
5 tips for building a cybersecurity culture at your company

As a company's cyber risks evolve, so must its culture. Here are five tips for creating a cybersecurity culture that protects the business and is meaningful for employees. Continue Reading

We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.

A guide to MSP patch management best practices

As software patch management challenges mount, industry experts offer advice to MSPs on prioritizing system risk levels, selecting proper tools and testing patches internally. Continue Reading
Prepare for deepfake phishing attacks in the enterprise

Deepfake phishing has already cost at least one company $243,000. Learn how cybersecurity leaders can train users to recognize this emerging attack vector. Continue Reading
Case study: Why it's difficult to attribute nation-state attacks

If two attacks look similar, don't assume they're from the same attacker. It's difficult to attribute nation-state attacks, as evidenced by the notorious 2016 Odinaff malware. Continue Reading