Here’s a rundown of the most interesting news, articles, interviews and videos from last week.
Balancing Cybersecurity and Business Priorities: Advice for Boards
In this Help Net Security interview, Google Cloud Director of Financial Services, CISO Office, Alicja Cade learns how asking the right questions can improve cyber performance and readiness, promote responsible AI practices, and understand the need for cybersecurity. provides insight on how to balance with other business priorities.
Wargaming Effective Data Breach Playbook
It may be impossible to anticipate all possible twists and turns of compromise, but through extensive wargaming, teams can simulate a variety of situations to gain an active advantage.
5 free online cybersecurity resources for small businesses
In this article, we’ll explore five free resources that small businesses can leverage to improve their cybersecurity posture without breaking the bank.
Economic uncertainty drives upskilling as a key strategy for organizations
In this Help Net Security video, Aaron Rosenmund, Director of Security Research and Curriculum at Pluralsight, explores how investing in developing technical skills can give overwhelmed employees the tools they need to navigate new and unfamiliar responsibilities. It explains how to wear it.
AI Tools Like ChatGPT Expected To Facilitate BEC Attacks
According to Armorblox, 57% of all BEC attacks seen in the past year relied on language as the primary attack vector to get in front of unsuspecting employees.
Security Beyond Software: The Evolution of Open Source Hardware Security
When talking about IT security, most people immediately think of software-based protection against software-based threats (ransomware, viruses, and other forms of malware).
Implement a zero trust system using workload identities across the Kubernetes service mesh
In this Help Net Security video, Michael Peters, Principal Software Engineer at Red Hat, explains how to implement a zero trust system using workload identities across a Kubernetes service mesh. Integration of these services with upcoming projects such as Keylime (for identity associated with hardware authentication) and Sigstore (for his identity during software builds).
Researchers Uncover Sensitive Corporate Data in Decommissioned Router
According to ESET, when looking at configuration data, 56% of retired routers that were retired and sold on the secondary market contained sensitive corporate data.
The Biggest Blind Spot in Data Security: Authorization
Too many people have access to company data they don’t need. Also, too many companies focus on authentication (verifying identity) as a security measure and overlook the importance of authorization (verifying access rights).
Ransomware Reinfection and Business Impact
In this Help Net Security video, Malwarebytes Lead MDR Analyst AnnMarie Nayiga discusses the dangers of ransomware re-infection.
Outdated cybersecurity practices leave the door open to criminals
According to ExtraHop, organizations have experienced a significant increase in ransomware. In 2022, he had four attacks in one year, versus an average of four attacks in five years in 2021.
How to deal with the endurance of shadow IT and the risks associated with it
As the pandemic pushes businesses to adopt cloud apps, allows remote workers to continue working, and empowers employees to inevitably become more independent and buy the apps they need, the existence of shadow IT is being challenged. Perception has changed.
How companies approach building and executing effective cybersecurity programs
In this Help Net Security video, Code42 CEO and President Joe Payne explains that insider data loss isn’t a new problem, it’s becoming more complex.
Tight budgets and burnout are pushing companies to outsource cybersecurity
According to Cobalt, cybersecurity teams struggle to manage remediation processes and monitor vulnerabilities, putting organizations at higher risk of security breaches.
Pre-pandemic techniques fuel record fraud rates
Rise and adoption of AI, imminent recession, and resurgence of pre-pandemic fraud techniques have seen record rates of fraud attacks against both consumers and businesses at the largest financial institutions, insurers, and retailers, according to Pindrop is increasing.
AI verification system gives businesses an edge over fraudsters
Scammers are underestimating the power of AI to detect fake identities, according to a new report from Ondato.
New Information Security Products of the Week: April 21, 2023
Here are the most interesting releases of the past week from Armorblox, Cofense, D3 Security, Sotero, Venafi, Veracode, Versa Networks, and Zyxel Networks.
