2014 was a year in which information security vaulted into the public eye, driven by a surge in both the number and the visibility of data breaches and compromises. This new attention will bring greater scrutiny in 2015, just as the nature and severity of threats continue to evolve for the worst.

Jake Madders highlights the increasing trend for distributed denial of service attacks to come with a ransom demand and explains what organizations can do to handle such a situation.

To get zero trust right, security teams need to ensure they achieve deep observability from cloud to core says Mark Coates. Here he explains what deep observability is and its role in zero trust.

Worldwide DDoS attacks increased significantly over the past year but they get much less publicity than other forms of cyber attack. Marie Hattar looks at why this is and what the latest techniques are to protect businesses against such incidents.

Cyber resilience brings the areas of information security, business continuity, and organizational resilience together says Alberto G. Alexander, Ph. D. In this article he presents the elements of a successful cyber resilience strategy and highlights the components of a cyber resilience framework.

It may not be the most interesting aspect of protecting your business but optimizing policy configuration for firewalls and other security devices is an important consideration. Asher Benbenisty examines four common security policy errors, and shows how organizations can avoid them.

Once you’ve come to terms with the harsh reality of the world, you come to understand that sooner or later, you will be the victim of a security breach. Chances are that it may not be this month, or even this year, but as the insightful Tyler Durden so shrewdly observed, “On a long enough timeline, the survival rate for everyone drops to zero.” Getting breached doesn’t establish whether or not you have a decent security program in place: but how you respond to a security breach does.

Chris Harris explains what double extortion ransomware is, explores the growing challenge that it poses for businesses, and looks at prevention tactics that can be implemented as part of a zero trust approach to cyber security.

Looking back over more than 12 months of pandemic lockdowns in various parts of the World and looking forward to the 'next normals', Spencer Lichtenstein considers the impacts on security operations management and the future trends in this area that we are likely to see.

A recent resurgence in ransomware has seen it shoot right back to the top of the cyber crime list. While much of this resurgence can be attributed to the arrival of new ransomware mutations, another factor seems to be playing a major role as well; the growth of cyber insurance. Jan van Vliet explains…

Your cloud infrastructure security will be managed by your cloud provider but the applications, workloads, and data are your responsibility. Oliver Pinson-Roxburgh looks at four areas that should be considered.

Tim Bandos explains how a thorough incident response plan can be one of the most effective means to protect a business against the growing threat of cyber attack and outlines the essential characteristics of such a plan.

Stephen Roostan looks at the concept of remediation velocity and its role in helping organizations gain control over managing technology vulnerabilities.

Vitaly Mzokov looks in detail at five emerging trends which are starting to effect virtualization security.

Gemma Platt shares five critical steps that businesses need to take in order to embed and embrace ISO 27001 risk assessments within their data protection processes.

Dan Wiley, head of incident response at Check Point, looks at the growing prevalence of DDoS as an attack vector, and gives a four-step guide to mitigating their impact.

Not a day seem to go by without news of another cyber incident. As human beings, we learn to get used to things, and become desensitised to events that don’t directly involve us. Is this happening when it comes to cyber threats? Mike Smith thinks so…

The assume breach approach is widely accepted as the starting point for cyber resilience, but is it helping organizations develop successful strategies? Chuck Everette thinks that it is not effective and in this article he explains why…

As organizations start to look to metaverse platforms the associated cyber security threats need consideration. Matias Madou looks at cyber security issues associated with the metaverse and offers some recommendations…

Paying a ransom is not the way to deal with a ransomware attack; instead comprehensive business continuity and disaster recovery planning provides the best solution says Paul Barber.