Cybersecurity Resource Library

Building Blocks for Next-Gen Security Operations

Security operations are changing quickly. Security tools are evolving and AI is changing how organizations approach security analytics. Faced with an ever-expanding attack surface, increased threats, ever-tightening budgets, and more complex business technology environments, the modern SOC needs to blend human expertise with machine intelligence to be able to respond. Here's what CISOs and SOC managers need to know

Building Blocks for Next-Gen Security Operations

Security operations are changing quickly. Security tools are evolving and AI is changing how organizations approach security analytics. Faced with an ever-expanding attack surface, increased threats, ever-tightening budgets, and more complex business technology environments, the modern SOC needs to blend human expertise with machine intelligence to be able to respond. Here's what CISOs and SOC managers need to know

Vulnerabilities / Threats

The State of Vulnerability Management in the Enterprise

This just-released Dark Reading report examines vulnerability management practices and uncovers how organizations prioritize security flaws in their environments and what risk-based approaches they are taking to address them.

The State of Vulnerability Management in the Enterprise

This just-released Dark Reading report examines vulnerability management practices and uncovers how organizations prioritize security flaws in their environments and what risk-based approaches they are taking to address them.

Risk

The State of Artificial Intelligence and Machine Learning in Cybersecurity

While AI appears to be coming of age, it’s still caught in awkward adolescence. Cybersecurity and IT departments are turning to AI to help them better manage and secure their businesses -- but not without some trepidation.

The State of Artificial Intelligence and Machine Learning in Cybersecurity

While AI appears to be coming of age, it’s still caught in awkward adolescence. Cybersecurity and IT departments are turning to AI to help them better manage and secure their businesses -- but not without some trepidation.

Endpoint

Digging Out of Your Organization's Technical Debt

Poor cybersecurity hygiene, legacy systems, out-of-date software, and poor patching make IT security difficult. Experts weigh in on who can help with assessing enterprise technical debt and coming up with a plan to dig you, and your enterprise, out.

Digging Out of Your Organization's Technical Debt

Poor cybersecurity hygiene, legacy systems, out-of-date software, and poor patching make IT security difficult. Experts weigh in on who can help with assessing enterprise technical debt and coming up with a plan to dig you, and your enterprise, out.

Threat Intelligence

Managing Third-Party Risk Through Situational Awareness

Third-party risks are rising due to a number of factors, including a growing number of business partnerships, as well as the increasing use of cloud infrastructure and services and externally developed software. With every new third party and partner, an organizaiton's attack surface grows. Surveys highlight that, when it comes to managing third-party cybersecurity risk, not enough is being done. See how enterprises can use threat intelligence to manage risks effectively.

Managing Third-Party Risk Through Situational Awareness

Third-party risks are rising due to a number of factors, including a growing number of business partnerships, as well as the increasing use of cloud infrastructure and services and externally developed software. With every new third party and partner, an organizaiton's attack surface grows. Surveys highlight that, when it comes to managing third-party cybersecurity risk, not enough is being done. See how enterprises can use threat intelligence to manage risks effectively.

Threat Intelligence

Threat Hunting's Evolution: From On-Premises to the Cloud

Attackers are constantly trying to break into enterprise environments. It’s the threat hunter’s job to find them before they do damage. This report discusses how threat evolution has evolved, from when on-premises systems were the norm to now, with cloud-based infrastructure. See what the experts have to say about the challenges threat hunters face and what enterprises must do to build and maintain a successful threat-hunting program.

Threat Hunting's Evolution: From On-Premises to the Cloud

Attackers are constantly trying to break into enterprise environments. It’s the threat hunter’s job to find them before they do damage. This report discusses how threat evolution has evolved, from when on-premises systems were the norm to now, with cloud-based infrastructure. See what the experts have to say about the challenges threat hunters face and what enterprises must do to build and maintain a successful threat-hunting program.

Cloud

State of Enterprise Cloud Security

Rising cloud adoption trends have put organizations on high alert for a wide range of associated security issues.

State of Enterprise Cloud Security

Rising cloud adoption trends have put organizations on high alert for a wide range of associated security issues.

Endpoint

Effective Asset Management Is Critical to Enterprise Cybersecurity

An enterprise cannot protect the business without knowing what devices and software it has -- on-premises, cloud, and spaces in between -- yet few organizations have effective asset management in place. Organizations need to take a holistic approach with automated discovery tools, robust data management processes, governance frameworks, and collaboration across teams. This report discusses how to set up asset management programs that help reduce risk and maintain a secure digital footprint.

Effective Asset Management Is Critical to Enterprise Cybersecurity

An enterprise cannot protect the business without knowing what devices and software it has -- on-premises, cloud, and spaces in between -- yet few organizations have effective asset management in place. Organizations need to take a holistic approach with automated discovery tools, robust data management processes, governance frameworks, and collaboration across teams. This report discusses how to set up asset management programs that help reduce risk and maintain a secure digital footprint.

Threat Intelligence

Leveling Up Cyber-Threat Intelligence Maturity for More Value and Better Insights

Great cyber-threat intelligence isn't just indicators of compromise (IoCs) and tactics, techniques, and procedures (TTPs); an effective intelligence program delivers strategic, operational, and tactical insights tailored to stakeholders across the business. By analyzing patterns and trends in data from both inside and outside an organization, security teams gain the insight needed to bolster detection, refine the security technology stack, and chart a course for strategic risk management.

Leveling Up Cyber-Threat Intelligence Maturity for More Value and Better Insights

Great cyber-threat intelligence isn't just indicators of compromise (IoCs) and tactics, techniques, and procedures (TTPs); an effective intelligence program delivers strategic, operational, and tactical insights tailored to stakeholders across the business. By analyzing patterns and trends in data from both inside and outside an organization, security teams gain the insight needed to bolster detection, refine the security technology stack, and chart a course for strategic risk management.

Operations

Outsourcing Security Without Inviting Risk and Wasting Money

Few enterprises have all the cybersecurity skills and resources they need in-house, making outsourcing a necessity. Rather than trying to build an internal kingdom, it’s often more beneficial for midsize and large organizations to build their core team and strategically outsource specific capabilities. Experts weigh in on how to select and work with third-party security service providers

Outsourcing Security Without Inviting Risk and Wasting Money

Few enterprises have all the cybersecurity skills and resources they need in-house, making outsourcing a necessity. Rather than trying to build an internal kingdom, it’s often more beneficial for midsize and large organizations to build their core team and strategically outsource specific capabilities. Experts weigh in on how to select and work with third-party security service providers

App Sec

How Enterprises Secure Their Applications

Organizations are boldly embracing AppSec practices and focusing on their software security posture, but age-old problems of insufficient funding and security resources remain major roadblocks. Learn more in this in-depth research report.

How Enterprises Secure Their Applications

Organizations are boldly embracing AppSec practices and focusing on their software security posture, but age-old problems of insufficient funding and security resources remain major roadblocks. Learn more in this in-depth research report.

Attacks / Breaches

How Supply Chain Attacks Work -- and How to Secure Against Them

Software supply chains are increasingly facing attacks that are notoriously challenging to identify and protect against. Here’s what security teams need to know.

How Supply Chain Attacks Work -- and How to Secure Against Them

Software supply chains are increasingly facing attacks that are notoriously challenging to identify and protect against. Here’s what security teams need to know.

Making Sense of Your Security Data: The 6 Hardest Problems

Maximizing security operations data takes not only an understanding of data sources and what they mean for risk, but also careful data management and cost awareness. Security data is typically siloed and it's also extremely diverse and varying in quality. Security operations personnel have to perform deep analysis and thoroughly understand data's context to use it effectively. The data integration and analysis issues that crop up from data silos demand a lot of strategic and tactical planning.

Making Sense of Your Security Data: The 6 Hardest Problems

Maximizing security operations data takes not only an understanding of data sources and what they mean for risk, but also careful data management and cost awareness. Security data is typically siloed and it's also extremely diverse and varying in quality. Security operations personnel have to perform deep analysis and thoroughly understand data's context to use it effectively. The data integration and analysis issues that crop up from data silos demand a lot of strategic and tactical planning.

Attacks / Breaches

The State of Incident Response

IT and cybersecurity teams are confident about their incident response practices as they evolve into a collaborative effort integrating cross-functional teams and external partners. Learn more about

The State of Incident Response

IT and cybersecurity teams are confident about their incident response practices as they evolve into a collaborative effort integrating cross-functional teams and external partners. Learn more about

Operations

How Enterprise Are Responding to the Incident Response Challenge

Many organizations bolstered their incident response capabilities last year to address a wide and growing range of security threats to their IT environments. The efforts drove an increase in the number of organizations that have an established security operations center, dedicated security staff, and full-fledged incident response teams. Many have established security operations centers and have a dedicated incident response team to address a continuing increase in reported security incidents.

How Enterprise Are Responding to the Incident Response Challenge

Many organizations bolstered their incident response capabilities last year to address a wide and growing range of security threats to their IT environments. The efforts drove an increase in the number of organizations that have an established security operations center, dedicated security staff, and full-fledged incident response teams. Many have established security operations centers and have a dedicated incident response team to address a continuing increase in reported security incidents.

Risk

How Enterprises Assess Their Cyber-Risk

Organizations have deployed an array of controls for managing cyber-risks as they deal with a complex landscape of threats. While cloud and remote workforce issues dominate the agenda, these are just two of the ever-increasing number of cyber-risks at modern enterprise organizations

How Enterprises Assess Their Cyber-Risk

Organizations have deployed an array of controls for managing cyber-risks as they deal with a complex landscape of threats. While cloud and remote workforce issues dominate the agenda, these are just two of the ever-increasing number of cyber-risks at modern enterprise organizations

ICS/OT

Industrial Networks in the Age of Digitalization

Now more than ever, increasingly connected operational technology (OT) networks face real cyber threats -- and a generation of new industrial control system (ICS)/OT security products and services aims to fill the security gaps.

Industrial Networks in the Age of Digitalization

Now more than ever, increasingly connected operational technology (OT) networks face real cyber threats -- and a generation of new industrial control system (ICS)/OT security products and services aims to fill the security gaps.

Endpoint

Zero-Trust Adoption Driven by Data Protection, Cloud Access Control, and Regulatory Compliance Requirements

Zero-trust initiatives are a key focus for many companies. Nearly 30% of organizations are already rolling out zero-trust initiatives to control access to their data and assets and more than 80% will have the capability within the next 18 months. Organizations are addressing cybersecurity challenges by enhancing identity and access management, privileged-access management, and data classification. They expect to see budgets for zero-trust initiatives grow modestly over the next 12 months.

Zero-Trust Adoption Driven by Data Protection, Cloud Access Control, and Regulatory Compliance Requirements

Zero-trust initiatives are a key focus for many companies. Nearly 30% of organizations are already rolling out zero-trust initiatives to control access to their data and assets and more than 80% will have the capability within the next 18 months. Organizations are addressing cybersecurity challenges by enhancing identity and access management, privileged-access management, and data classification. They expect to see budgets for zero-trust initiatives grow modestly over the next 12 months.

Cloud

The Keys to Successfully Securing Cloud-Native Environments

As the use of cloud computing rises, so does the complexity of these environments and the volume of attacks targeting cloud systems. As the ability to spin up infrastructure becomes more decentralized, a new generation of vulnerabilities and risks are created in misdelivery, misconfiguration, and publishing errors. This is the world enterprise security teams find themselves as they work to secure their cloud systems. Here is how to secure cloud-native systems and development pipelines.

The Keys to Successfully Securing Cloud-Native Environments

As the use of cloud computing rises, so does the complexity of these environments and the volume of attacks targeting cloud systems. As the ability to spin up infrastructure becomes more decentralized, a new generation of vulnerabilities and risks are created in misdelivery, misconfiguration, and publishing errors. This is the world enterprise security teams find themselves as they work to secure their cloud systems. Here is how to secure cloud-native systems and development pipelines.

Risk

The State of Generative AI in the Enterprise

With the sudden increase in organizations embracing generative AI tools, cybersecurity professionals are employing multiple strategies to mitigate risks to privacy, security, and regulatory compliance issues.

The State of Generative AI in the Enterprise

With the sudden increase in organizations embracing generative AI tools, cybersecurity professionals are employing multiple strategies to mitigate risks to privacy, security, and regulatory compliance issues.

Vulnerabilities / Threats

The State of Vulnerability

While many organizations today run either formal or informal vulnerability management programs, they struggle to patch and mitigate most discovered bugs due to budget and staffing constraints.

The State of Vulnerability

While many organizations today run either formal or informal vulnerability management programs, they struggle to patch and mitigate most discovered bugs due to budget and staffing constraints.

Threat Intelligence

Using Threat Intelligence to Transform Security Programs

Building a modern and effective cybersecurity team today means efficiently sharing cybersecurity intelligence. Cyber threat intelligence helps organizations maximize their digital defenses, respond better when attacks do occur, and even inform how to improve the overall security program. In years past, the challenge was finding threat intelligence. Now, it is finding useful signals in the data. Here’s how to get started.

Using Threat Intelligence to Transform Security Programs

Building a modern and effective cybersecurity team today means efficiently sharing cybersecurity intelligence. Cyber threat intelligence helps organizations maximize their digital defenses, respond better when attacks do occur, and even inform how to improve the overall security program. In years past, the challenge was finding threat intelligence. Now, it is finding useful signals in the data. Here’s how to get started.

Operations

Key Elements Enterprises Need to Include in Modern SecOps

Security teams are overhwlemed in the operations center. As the enterprise's first line of defense against an active attack, the security operatoins center sifts through theat intelligence, events data, logs, and activity reports from throughout the enterprise and key partners. How can CISOs give the SOC the necessary tools to effectively manage the systems and data? What will it take to unlock effective threat detection and master data collection and response for modern defense?

Key Elements Enterprises Need to Include in Modern SecOps

Security teams are overhwlemed in the operations center. As the enterprise's first line of defense against an active attack, the security operatoins center sifts through theat intelligence, events data, logs, and activity reports from throughout the enterprise and key partners. How can CISOs give the SOC the necessary tools to effectively manage the systems and data? What will it take to unlock effective threat detection and master data collection and response for modern defense?

Operations

Passwords Are Pass�: Next Gen Authentication Addresses Today's Threats

Passwordless is topic du jour in cybersecurity, and security teams are trying to make sense out of the plethora of technology options and identity layers available. Here's how to adopt a next-generation authentication architecture.

Passwords Are Pass�: Next Gen Authentication Addresses Today's Threats

Passwordless is topic du jour in cybersecurity, and security teams are trying to make sense out of the plethora of technology options and identity layers available. Here's how to adopt a next-generation authentication architecture.

Remote Workforce

How to Deploy Zero Trust for Remote Workforce Security

As the number of workers who want to work remotely rise, more organizations are turning to zero trust to secure and monitor these remote workers. Many of the essential elements of a remote security policy are also aspects of a zero-trust strategy, such as strong passwords, implementing two-factor authentication, and limiting access to sensitive data to only those who need it. Here's what a zero trust approach looks like for the remote workforce.

How to Deploy Zero Trust for Remote Workforce Security

As the number of workers who want to work remotely rise, more organizations are turning to zero trust to secure and monitor these remote workers. Many of the essential elements of a remote security policy are also aspects of a zero-trust strategy, such as strong passwords, implementing two-factor authentication, and limiting access to sensitive data to only those who need it. Here's what a zero trust approach looks like for the remote workforce.

Risk

The State of Supply Chain Threats

Widely exploited vulnerabilities in open source software and malicious components being loaded in trusted public repositories have highlighted issues in the software supply chain. Here’s what organizations are doing to mitigate their risk.

The State of Supply Chain Threats

Widely exploited vulnerabilities in open source software and malicious components being loaded in trusted public repositories have highlighted issues in the software supply chain. Here’s what organizations are doing to mitigate their risk.

Attacks / Breaches

What Ransomware Groups Look for in Enterprise Victims

It is easy to fall into the trap of thinking your organization is too small, or too uninteresting, to be targeted by ransomware. But as attacks against educational institutions, fast-food franchises, shipping companies, retailers, and healthcare organizations have shown, ransomware gangs are casting a wide net for their victims. Learn how attackers identify who to target and things they look for in victim networks when putting together their attack campaigns.

What Ransomware Groups Look for in Enterprise Victims

It is easy to fall into the trap of thinking your organization is too small, or too uninteresting, to be targeted by ransomware. But as attacks against educational institutions, fast-food franchises, shipping companies, retailers, and healthcare organizations have shown, ransomware gangs are casting a wide net for their victims. Learn how attackers identify who to target and things they look for in victim networks when putting together their attack campaigns.

Operations

Where and When Automation Makes Sense for Enterprise Security

A shortage of skilled IT security professionals has made it tempting to try to automate everything, but not everything can be safely automated. Learn how emerging automation technologies work and how security teams can implement them in a way that is both secure and effective.

Where and When Automation Makes Sense for Enterprise Security

A shortage of skilled IT security professionals has made it tempting to try to automate everything, but not everything can be safely automated. Learn how emerging automation technologies work and how security teams can implement them in a way that is both secure and effective.

Analytics

The Secrets of Successful SecOps Data Analytics

If there’s something all security operations teams need, but few get right, it is utilizing security data analytics. An effective SecOps data analytics program enables SecOps teams to continuously monitor their environments for signs of compromise and stop potential attacks before they can cause serious damage. Also, good data makes effective collaboration between SecOps and IT possible. Here's how to make sense out of too much data and too many data sources for better enterprise security.

The Secrets of Successful SecOps Data Analytics

If there’s something all security operations teams need, but few get right, it is utilizing security data analytics. An effective SecOps data analytics program enables SecOps teams to continuously monitor their environments for signs of compromise and stop potential attacks before they can cause serious damage. Also, good data makes effective collaboration between SecOps and IT possible. Here's how to make sense out of too much data and too many data sources for better enterprise security.

Threat Intelligence

Creating an Effective Incident Response Plan

Security teams are realizing their organizations will experience a cyber incident and that they need an effective incident response plan -- one that takes into account their requirements and has been tested.

Creating an Effective Incident Response Plan

Security teams are realizing their organizations will experience a cyber incident and that they need an effective incident response plan -- one that takes into account their requirements and has been tested.

Related Topics

Related Topics

Related Topics

Related Topics

Cybersecurity Resource Library