Skip to content



The Physical Ramifications of Cyber Response

Sixty-seven percent of surveyed incident responders reported experiencing stress or anxiety in their daily lives, while others said they experienced insomnia, burnout, and impacts on their social life and relationships.

‘Pen-Tested’ by a Hacker: What to Believe

Some criminals are posing as penetration testers, offering corporate security reports in exchange for ransom payments. Here’s how to spot the difference between who’s legitimate and who’s a con, and measures to take to protect your networks.

Illustration of a phish hook ascending from a red cloud to steal a html code from a laptop. How can you prevent your Security-as-a-Service Applications  from being hacked?

SaaS Applications Create a Growing Attack Surface

With several incidents in 2022 leveraging prominent Security-as-a-Service applications, experts warn that this is a trend that is likely to continue to pose a risk. Here are some simple steps to help mitigate the risk of these kinds of attacks at your organization.

Employees: The First Line of Defense Against Cyberattacks

Approximately 20 percent of burned-out employees said the security policies for the companies they work for “aren’t worth the hassle.” This is not the attitude you want from the people who should comprise your first line of defense in cybersecurity.

Man installs security camera on the side of a building. How can you enhance your organization’s security systems?

How to Harden Security Infrastructure Against Attacks

Studies and industry security alerts have shown that most organizations do not sufficiently harden and protect physical security systems. Here’s some guidance to get started on enhancing the security of your organization’s security system assets.

Zero Trust

Why Zero Trust Must Extend into Deep Infrastructure

Serious, persistent threats are already looming in your infrastructure. The lowest-hanging fruit—and the most vulnerable point of attack—is where you may least expect it: the hardware and firmware that lies in the deep layers of your physical infrastructure.

The All-Too-Dumb World of Smart Cities Technology

Smart cities tech runs the gamut from policing tools and transit sensors to educational software and more. But the tech routinely hoovers up sensitive data on city residents, including their movements and audio, video, and biometric data—even before cities know what to do with the data, and even though they may never know what to with it.

The Dual-Use Dilemma: Insights from the Arms Fair

Interception and intrusion cyber capabilities sold by private companies are increasingly being marketed to intelligence and government agencies. New efforts attempt to stop them from winding up in the hands of U.S. and NATO adversaries.

Targeting All Lonely Hearts

Romance scams are easier than ever through social media and online dating, and the schemes can be very profitable for fraudsters.

On the Road to Connectivity

Connected vehicles are quickly taking over the roadway, bringing enhanced safety features and cyber vulnerabilities along with them.

Business Strategy

Five Tools to Drive Cyber Success

Understanding how policies, procedures, and tools impact your security posture is critical. A new report helps shed light on what’s working, what’s not, and how security leaders can adopt best practices with C-suite engagement.

cloud adoption

Cloud in the Crosshairs

Organizations are increasingly embracing opportunities to leverage the cloud, which can create security risks if vulnerabilities are left unaddressed.

Risk Adrift

The vessels the world relies on to ship cargo from one side of the planet to the other are becoming increasingly connected, creating business opportunities and cyber risks for operational technology.

Cyber Lexicon

Cyber 101 for Physical Security Practitioners

When it comes to cybersecurity, there are many terms and concepts that are beneficial for physical security professionals and IT professionals alike to understand. Here are a few to help you get started.

U.S. Government Plays Cyber Catch-Up

Following a series of high-profile cyber incidents, a watchdog highlighted the increasing threat breaches, intrusions, and attacks pose to the U.S. government.

A Cyber Seat at the Table

Nearly half of board members surveyed identified cybersecurity as a top source of risk moving forward. CISOs should expect more scrutiny, support, and resources as a result of the board’s attention.


Spies in the Supply Chain

A massive intrusion into U.S. government and private sector networks shows how nation-state actors are developing supply chain attacks for cyber space.


Stalkerware Fuels Technology-Enabled Abuse

With the proliferation of connected homes, virtual assistants, and smartphones, abusers have more tools than ever to track and control victims. When the workplace enters the home, however, this puts employees and employers at increased risk.

How to Protect an Election

The challenges to secure the 2020 U.S. Presidential Election and its system infrastructure are vast. But so are the new tools in place to help monitor and protect the 2020 election.

The Problem with Patrolling

New research finds that while organizations have made strides to improve data management, they still lack investment in breach detection.

Flight Risks

End users are increasingly adopting unmanned aerial systems for security and operational needs. But they could be introducing cybersecurity risks in flight.

Is Security Converging?

New research by the ASIS Foundation indicates that full convergence of physical security, cybersecurity, and business continuity is not commonplace.

When The Money’s Gone

The longest U.S. government shutdown in history could have major ramifications for the nation’s cybersecurity.

How to Bridge the Gap

Once siloed, cyber and physical security teams are now working together to address corporate risk.

A Warm-Up Election

Following the U.S. midterm elections, officials move their focus to the 2020 presidential election.

The Cost of a Connection

LinkedIn can be a valuable networking and recruitment tool. It can also be used to target employees to obtain corporate secrets.

The Privacy Problem

Private companies come together to demand that authorities create privacy regulations to protect users’ data and technology.


Security News Roundup: Former Twitter Security Official Testifies, Monarchy Protestors, Progress Fighting Violent Crime, and Other News

A roundup of security-related news headlines: GSX Daily; Whistleblower: China, India Had Agents Working for Twitter; Package Explodes at Boston’s Northeastern University, Injuring One; Police Arrest Anti-Monarchy Protesters at Royal Events in England, Scotland; FBI and Law Enforcement Partners Arrest Nearly 6,000 Violent Criminals This Summer; and GPS Jammers Are Being Used to Hijack Trucks and Down Drones: How to Stop Them.

American Companies Missing Half of All Threats, but Downplaying Risks

Threats to private sector organizations abound—exacerbated by persistent political, social, and economic issues—but U.S. companies aren’t keeping up. By the end of 2022, 26 percent of executives at American companies anticipate they will miss at least 51 percent of threats, a new report found.

Who’s in Charge of Water Utility Cybersecurity Checks?

There are currently no minimum cybersecurity mandates for the water sector in the United States, although the Biden Administration is working to develop and implement some that target the 1,600 water companies that serve large populations.

Repercussions from Shanghai National Police Data Breach

While availability on the Dark Web of hacked Chinese data has recently increased, so too have Chinese users' interest in Dark Web forums, thanks to one of the world's largest data breaches - 23 terabytes of information on roughly 1 billion Chinese citizens, which was collected by the Shanghai National Police.

Humans Remain the Biggest Risk to Cybersecurity

More than 82 percent of all data breaches are caused by human-based risks, including phishing, business email compromise (BEC), and ransomware, largely because of a lack of diversity in security awareness teams compounded by increasingly sophisticated attacks.

U.S. Launches Task Force to Address Online Harassment

“The tragic events in Buffalo and Uvalde have underscored a fact known all too well by many Americans: the internet can fuel hate, misogyny, and abuse with spillover effects that threaten our communities and safety online," a fact sheet on the new initiative said.

Today in Security: Profile of a Ransomware Target

Research examines the Dark Web advertisements of ransomware perpetuators to build a profile of the ideal target: a U.S.-based company with at least $100 million in revenue not operating in taboo sectors.

Today in Security: CISA Warns of Cloud Service Attacks

The U.S. Cybersecurity and Infrastructure Security Agency issued an alert this week, warning security practitioners of recent cyberattacks against organizations’ cloud services that exploited poor hygiene practices and phishing tactics.

Today in Security: U.S. Laws Address Deepfakes

The recently enacted defense authorization bill and other federal and state laws call for research and begin to codify restrictions on deepfake technology; European countries have not addressed the issue directly.

Today in Security: U.S. Top Cybersecurity Official Fired

U.S. President Donald Trump announced on Twitter Tuesday that he decided to fire Chris Krebs, the director of CISA, which has led the way for federal cybersecurity initiatives, public–private sector information sharing and partnerships, and election security.

Today in Security: World Password Day

The first Thursday of May is designated World Password Day, arguably more important than before as several organizations in various countries have workers operating remotely in response to the COVID-19 pandemic.