-
Strengthening Identity Security: Visibility, Governance, and Autonomous Remediation – our latest identity security deep dive
Our latest report on identity security, with a focus on how organizations are positioned to see what’s happening, govern identity protections, and autonomously remediate when things go wrong. Sponsored by Constella Intelligence, Dropsuite, Enzoic, and Silverfort. Continue Reading
-
2025 Cyber Survey: Application security at a breaking point – our latest report
Our new research for Radware dives into ongoing and emergent application security threats, combined with posture and readiness measures. We surveyed over 400 organizations in three industry groupings (financial services, healthcare, all others). AI, unsurprisingly, is already having a significant impact on application security realities. Continue Reading
-
Some thoughts on Hoxhunt’s research on AI-powered phishing versus human-written phishing
Hoxhunt says that AI-based phishing attacks have become better over the past two years at tricking users (getting them to click the phishing link) than human-written phishing messages. It’s a neat study. We digest the results and offer some POV. Continue Reading
-
In defense of Chris Krebs
We have applauded earlier Administrations for their stance on cybersecurity. Our hands are not clapping for the recent Presidential Memoranda targeting Christopher Krebs, SentinelOne, and CISA. Continue Reading
-
Some thoughts on CrowdStrike’s Global Threat Report 2025
Highlights from CrowdStrike’s 2025 Global Threat Report, including AI, nation-state adversaries, and identity compromise. Also talks about the major cybersecurity incident of 2024 that the report doesn’t even mention. Continue Reading
-
Identity security weaknesses at The Office of the Comptroller of the Currency: Some thoughts
The OCC disclosed a breach affecting 103 email accounts within its Microsoft 365 tenant, due to a compromised administrative account lacking multi-factor authentication. Spanning 20 months, hackers accessed sensitive information, raising concerns about public trust. Despite advocating for stronger security measures, the incident revealed vulnerabilities in the OCC’s cybersecurity practices. Some thoughts. Continue Reading
-
The State of Email Security in 2025 – our latest report
Our State of Email Security in 2025 research for TitanHQ analyzes email security challenges faced by organizations with up to 1,000 employees across the US, Canada, UK, and EU. The report highlights heightened threat perceptions, investment priorities in AI-enhanced and deepfake attacks, and other essential topics like phishing and security strategies. Continue Reading
-
Misdirected communications – 2024 update from the ICO
The latest data from the ICO (UK) on data security incidents, with misdirected emails in first place (for frequency). That’s unsurprising. Continue Reading
-
Some thoughts on Coalition’s 2024 Cyber Claims Report
Highlights of Coalition’s report from April 2024 on cyber risks and claim trends, which (among other things), found that 56% of claims started with an attack that made its way to an email inbox. Continue Reading
-
Cybersecurity investment priorities with Salt Security – webinar
Register to attend our webinar with Salt Security investigating cybersecurity investment priorities in 2025, plus where organizations are investing in application and API security this year. Webinar is on Tuesday March 18. Are you coming? Continue Reading