Many organizations are turning to secure access service edge (SASE) to help ensure cyber resilience while enabling safe remote working and effective digital transformation. Michael Wood provides some advice for organizations looking to start their SASE journey.

Without knowing it, many organizations have repeatedly punched holes into their once-secure perimeter says Ian Kilpatrick. While security is no longer mainly about perimeter protection, it is still a vital element…

Until recently the standard advice was to turn to your backups to initiate a response to a ransomware attack. However, as attackers have adapted their techniques to target backups is this approach still feasible? Peter Groucutt describes three ways of protecting backups to ensure that they can be used effectively after a ransomware attack.

The quest to seek out cyber threats can seem an impossible task; but, like any mission, ultimate success begins with methodical planning and taking an intelligence-driven approach. It requires both patience and a determination to search where others may not think to look. By Tim Bandos.

Nick Pollard outlines the key steps that will help organizations not only understand the value of their data, but can also help to build a more risk-based and tailored incident response plan.

Information security has become a fixture in the daily headlines, ranging from the latest high-profile data breach; to exotic hacks of USB drives, ICS devices and IOT systems; and new zero-day exploits and attack techniques. While these stories are interesting and help us understand the vulnerabilities and risks that make up the threat landscape, they reflect a frequent bias in the industry towards focusing on the ‘cool’ exploit and detection side of cyber-defense, rather than the more operational response and mitigation side. This article by Proofpoint considers the other side of the equation, looking at incident response and outlining four steps to success in this area.

As organizations move growing volumes of data to the cloud, cyber security strategies need to be augmented with next-generation machine learning technologies that boost threat-protection capabilities says Anurag Kahol.

Luke Potter looks at four of the most basic security oversights identified during penetration testing that leave businesses vulnerable to a data breach.

Joe DiPietro looks at the challenges that IT faces during a merger or acquisition and provides practical advice on how to ensure the corporate networks maintain security during the process.

Various business continuity incidents - and even normal activities in the business calendar, such as bank holidays - can see a large rise in the number of workers connecting remotely; and this in itself can cause problems. In this article Guillermo Lafuente looks at the technologies that are available to help manage remote access requirements; and what security issues need to be considered.

Whilst network segmentation is not a new approach, it is very relevant to assisting organizations protect themselves against cyber attacks. However, its implementation and long-term maintenance is a major challenge for many companies. In this article Andrew Lintell provides some useful pointers.

By failing to embrace security expertise and innovation up front, businesses are incurring far too much risk. Adam Boone insists it is time make cyber security a priority for every C-suite…

Taking a security-first approach involves prioritizing security in all areas of the business, including its people, processes and applications; and requires moving away from a simple ‘protecting the perimeter’ approach. Justin Calmus highlights four key areas that organizations need to consider when moving in this direction.

Businesses face significant challenges in applying the new EU Data Protection Regulation to paper records; Iron Mountain offers some advice.

Citrix and Terminal Servers provide highly valuable functionality for session-based access, but to date have had an Achilles heel when it comes to privileged account management across multiple users. It’s time for organizations to secure this potential threat vector.

Zero trust is a popular talking point when it comes to security, however, in reality, end-to-end zero trust is not workable for the vast majority of modern businesses. Despite this, you can use the zero trust approach in a practical way in a real-world environment, argues Chris Cooper.

Organizations may be tempted to dismiss artificial intelligence as something which is currently out of their reach, but Thorsten Kurpjuhn says that this is definitely not the case. In fact, AI can help businesses of all sizes to ensure network uptime and protection.

Daniel Kapellmann Zafra, Keith Lunden, Nthan Brubake, and Jeremy Kennelly provide an update on ransomware which targets industrial production and critical infrastructure organizations.

Gary Watson says that organizations should never get to the stage where they need to ask the above question. Combining data security with data protection can keep data safe and eliminate the need to pay ransoms.

While cyber security protection is still important, the focus is moving to a ‘When, Not If’ approach to cyber breaches. Coupled with changes in the targets and methods of cyber attacks, this means that organizations need to review their approach in this area. Mark Saville explores…