Measuring risk is a notoriously hard task, so Andy Ellis suggests teams focus on fixing the problems in fornt of them instead of trying to measure what could happen.
It's hard to separate the signal from the noise at the RSA Conference, so we asked a group of experts which topics they wish people were discussing more, including security metrics, applying engineering concepts to security, and more.
F5 has patched two vulnerabilities (CVE-2024-26026 and CVE-2024-21793) in its BIG-IP Next Central Manager console that can grant full admin control of the target application.
CIRCIA will mark a fundamental shift for CISA in the scale and scope of reported incidents that it receives from critical infrastructure entities.
Edge devices have become the go-to targets for cybercriminals and state actors, and experts say that will continue for the foreseeable future.
CISA's former and current directors talked at the RSA Conference this week about challenges around inherently insecure technology and an explosion of threat actors.
The IoT security landscape is grim, but private sector and government experts are trying to improve things through advocacy and collaboration.
At RSA Conference 2024, Kelly Shortridge, senior director of portfolio product management at Fastly, talks about the first steps organizations can take toward adopting a Secure by Design mindset and how businesses can approach the challenge of sustaining resilience in complex systems.
A newly proposed bill aims to set up databases and processes for voluntary sharing of security incidents related to, and vulnerabilities in, AI systems.
An unknown attacker compromised a customer database for Dropbox Sign and accessed authentication information such as OAuth tokens and MFA data.
In this special episode, Dennis Fisher and Lindsey O'Donnell-Welch are joined by Brian Donohue of Red Canary to preview the RSA conference talks they're excited about and to try to make sense of some of the session titles that are maybe a little indecipherable.
UnitedHealth CEO Andrew Witty faced criticism over the handling of the Change Healthcare ransomware attack in two different government hearings on Wednesday.
Businesses have been preparing security policies for generative AI in the workplace, but many executives say that they still don’t fully understand the security implications of AI.
The Verizon 2024 Data Breach Investigations Report shows a 180 percent increase in the use of vulnerability exploits in breaches from last year, thanks to MOVEit Transfer and other bugs.
In a special bonus Memory Safe episode, Dennis Fisher, Decipher’s editor in chief, talks about his decades of experience writing about cybersecurity news, the article he authored that inspired him to get into the industry (hint: it involved phishing) and how the cybersecurity news world has changed over the years.