Get started
Bring yourself up to speed with our introductory content.
The differences between inbound and outbound firewall rules
Firewalls can support both inbound and outbound firewall rules, but there are important differences between the two. Learn more about each and their uses.
DoS vs. DDoS: How they differ and the damage they cause
DoS and DDoS attacks may not be new, but that doesn't mean they are any less disruptive to organizations. Companies should understand what they are and how they work.
How dynamic malware analysis works
Security teams use dynamic malware analysis to uncover how malware works -- and thereby improve threat hunting and incident detection capabilities.
phishing
Phishing is a fraudulent practice in which an attacker masquerades as a reputable entity or person in an email or other form of communication.
Multi-cloud security challenges and best practices
Where multi-cloud goes, security complexity follows. From configuration to visibility, organizations must be aware of these main challenges and how to overcome them.
computer forensics (cyber forensics)
Computer forensics is the application of investigation and analysis techniques to gather and preserve evidence from a particular computing device in a way that is suitable for presentation in a court of law.
How to use a jump server to link security zones
Jump servers are a perfect example of less is more. By using these slimmed-down boxes, administrators can connect to multiple resources securely.
cybersecurity
Cybersecurity is the practice of protecting internet-connected systems such as hardware, software and data from cyberthreats.
Advanced Encryption Standard (AES)
The Advanced Encryption Standard (AES) is a symmetric block cipher chosen by the U.S. government to protect classified information.
How to craft cyber-risk statements that work, with examples
A cyber-risk statement should be clear, concise and simple -- but that doesn't mean it's easy to write. Get tips and read our cyber-risk statement examples.
operational risk
Operational risk is the risk of losses caused by flawed or failed processes, policies, systems or events that disrupt business operations.
What is cybersecurity mesh and how can it help you?
The concept of cybersecurity mesh could help solve and simplify issues created by multi-cloud deployments and the increase in remote work environments.
risk reporting
Risk reporting is a method of identifying risks tied to or potentially impacting an organization's business processes.
How to conduct a social engineering penetration test
Social engineering attacks are becoming more sophisticated and more damaging. Penetration testing is one of the best ways to learn how to safeguard your systems against attack.
Understand the pros and cons of enterprise password managers
Almost half of breaches occur because of compromised credentials. Using a password manager to control how users create their IDs may be a good step to protect enterprise assets.
cyberterrorism
Cyberterrorism is usually defined as any premeditated, politically motivated attack against information systems, programs, and data that threatens violence or results in violence.
keylogger (keystroke logger or system monitor)
A keylogger, sometimes called a keystroke logger, is a type of surveillance technology used to monitor and record each keystroke on a specific device, such as a computer or smartphone.
encryption
Encryption is the method by which information is converted into secret code that hides the information's true meaning.
dictionary attack
A dictionary attack is a method of breaking into a password-protected computer, network or other IT resource by systematically entering every word in a dictionary, or word list, as a password.
SOAR (security orchestration, automation and response)
SOAR (security orchestration, automation and response) is a stack of compatible software programs that enables an organization to collect data about security threats and respond to security events with little or no human assistance.
communications security (COMSEC)
Communications security (COMSEC) is the prevention of unauthorized access to telecommunications traffic or to any written information that is transmitted or transferred.
security operations center (SOC)
A security operations center (SOC) is a command center facility in which a team of information technology (IT) professionals with expertise in information security (infosec) monitors, analyzes and protects an organization from cyberattacks.
Cybersecurity career path: 5-step guide to success
Taking the lead from ISSA's framework, here's a guide to how you can map out a long and profitable career in cybersecurity.
10 must-have cybersecurity skills for career success in 2024
Looking to advance your cybersecurity career? Here are the skills you'll need to win that CISO job, land a gig as a threat hunter and snag other security positions in high demand.
4 tips to find cyber insurance coverage in 2024
The cyber insurance industry is settling down but isn't without challenges. Read up on cyber insurance in 2024 and how to get the most from your organization's coverage this year.
16 common types of cyberattacks and how to prevent them
To stop cybercrime, companies must understand how they're being attacked. Here are the most damaging types of cyberattacks and what to do to prevent them.
What is incident response? A complete guide
Incident response is an organized, strategic approach to detecting and managing cyberattacks in ways that minimize damage, recovery time and total costs.
indicators of compromise (IOC)
Indicators of compromise are unusual activities on a system or network that imply the presence of a malicious actor.
digital forensics and incident response (DFIR)
Digital forensics and incident response (DFIR) is a combined set of cybersecurity operations that incident response teams use to detect, investigate and respond to cybersecurity events.
5 essential programming languages for cybersecurity pros
Coding is an important skill across almost every technology discipline today, and cybersecurity is no exception. Learn about the top programming languages for security professionals.
Business continuity vs. disaster recovery vs. incident response
To stay in business, expect the unexpected. Learn how business continuity, disaster recovery and incident response differ -- and why organizations need plans for all three.
How to build an incident response plan, with examples, template
With cyberthreats and security incidents growing by the day, every organization needs a solid incident response plan. Learn how to create one for your company.
Incident response automation: What it is and how it works
Many of today's security operations teams are understaffed and overwhelmed. Learn how incident response automation can help them work smarter, instead of harder.
information assurance (IA)
Information assurance (IA) is the practice of protecting physical and digital information and the systems that support the information.
How to conduct incident response tabletop exercises
Have an incident response plan but aren't running incident response tabletop exercises? These simulations are key to knowing if your plan will work during an actual security event.
SOAR vs. SIEM: What's the difference?
When it comes to the SOAR vs. SIEM debate, it's important to understand their fundamental differences to get the most benefit from your security data.
How to create a CSIRT: 10 best practices
The time to organize and train a CSIRT is long before a security incident occurs. Certain steps should be followed to create an effective, cross-functional team.
Incident management vs. incident response explained
While even many seasoned cybersecurity leaders use the terms 'incident management' and 'incident response' interchangeably, they aren't technically synonymous.
incident response team
An incident response team is a group of IT professionals in charge of preparing for and reacting to any type of organizational emergency.
Incident response: How to implement a communication plan
Communication is critical to an effective incident response plan. Here are five best practices for communication planning and a free, editable template to get started.
extended detection and response (XDR)
Extended detection and response (XDR) is a technology-driven cybersecurity process designed to help organizations detect and remediate security threats across their entire IT environment.
vulnerability management
Vulnerability management is the process of identifying, assessing, remediating and mitigating security vulnerabilities in software and computer systems.
sandbox
A sandbox is an isolated testing environment that enables users to run programs or open files without affecting the application, system or platform on which they run.
Top 30 incident response interview questions
Job interviews are nerve-wracking, but preparation can minimize jitters and position you to land the role. Get started with these incident response interview questions and answers.
NIST Cybersecurity Framework
The NIST Cybersecurity Framework (CSF) provides guidance on how to manage and reduce IT infrastructure security risk.
How to become an incident responder: Requirements and more
Incident response is a growth area that provides career advancement options and a good salary. Here's an in-depth look at job requirements, salaries and available certifications.
How to create an incident response playbook
Using an incident response playbook can speed up an organization's responses to cyberattacks. Find out how to build repeatable playbooks to use for different types of incidents.
Top 12 online cybersecurity courses for 2024
Our panel of experts picked the best free and paid online cybersecurity courses for working professionals looking to advance their careers and for newbies breaking into the field.
Why effective cybersecurity is important for businesses
Cyber attacks can have serious financial and business consequences for companies, which makes implementing strong cybersecurity protections a critical step.
Ransomware trends, statistics and facts heading into 2024
Supply chain attacks, double extortion and RaaS are just a few of the ransomware trends that will continue to disrupt businesses in 2024. Is your industry a top target?
cybercrime
Cybercrime is any criminal activity that involves a computer, network or networked device.
identity theft
Identity theft, also known as identity fraud, is a crime in which an imposter obtains key pieces of personally identifiable information (PII), such as Social Security or driver's license numbers, to impersonate someone else.
one-time password
A one-time password (OTP) is an automatically generated numeric or alphanumeric string of characters that authenticates a user for a single transaction or login session.
email signature
An email signature -- or signature block or signature file -- is the short text that appears at the end of an email message to provide more information about the sender.
Web fuzzing: Everything you need to know
Web fuzzing provides automated web application testing, which enables security teams to discover vulnerabilities within web apps before attackers do.
Zoombombing
Zoombombing is a type of cyber-harassment in which an unwanted and uninvited user or group of such users interrupts online meetings on the Zoom video conference app.
CISO (chief information security officer)
The CISO (chief information security officer) is a senior-level executive responsible for developing and implementing an information security program, which includes procedures and policies designed to protect enterprise communications, systems and ...
Generative AI is making phishing attacks more dangerous
Cybercriminals are using AI chatbots such as ChatGPT to launch sophisticated business email compromise attacks. Cybersecurity practitioners must fight fire with fire.
9 cybersecurity trends to watch in 2024
Analysts are sharing their cybersecurity trends and predictions for 2024. From zero-day attacks to generative AI security and increased regulations, is your organization ready?
cyber attack
A cyber attack is any malicious attempt to gain unauthorized access to a computer, computing system or computer network with the intent to cause damage.
advanced persistent threat (APT)
An advanced persistent threat (APT) is a prolonged and targeted cyber attack in which an intruder gains access to a network and remains undetected for an extended period.
Mitre ATT&CK framework
The Mitre ATT&CK (pronounced miter attack) framework is a free, globally accessible knowledge base that describes the latest behaviors and tactics of cyber adversaries to help organizations strengthen their cybersecurity strategies.
timing attack
A timing attack is a type of side-channel attack that exploits the amount of time a computer process runs to gain knowledge about or access a system.
privileged identity management (PIM)
Privileged identity management (PIM) is the monitoring and protection of superuser accounts that hold expanded access to an organization's IT environments.
possession factor
The possession factor, in a security context, is a category of user authentication credentials based on items that the user has with them, typically a hardware device such as a security token or a mobile phone used in conjunction with a software ...
CISO as a service (vCISO, virtual CISO, fractional CISO)
A CISO as a service (CISOaaS) is the outsourcing of CISO (chief information security officer) and information security leadership responsibilities to a third-party provider.
SBOM formats compared: CycloneDX vs. SPDX vs. SWID Tags
Organizations can choose between three SBOM formats: CycloneDX, SPDX and SWID Tags. Learn more about them to determine which fits your organization best.
How to protect your organization from IoT malware
IoT devices are attractive targets to attackers, but keeping them secure isn't easy. Still, there are steps to take to minimize risk and protect networks from attacks.
cardholder data environment (CDE)
A cardholder data environment (CDE) is a computer system or networked group of IT systems that processes, stores or transmits cardholder data or sensitive payment authentication data.
mandatory access control (MAC)
Mandatory access control (MAC) is a security strategy that restricts the ability individual resource owners have to grant or deny access to resource objects in a file system.
threat detection and response (TDR)
Threat detection and response (TDR) is the process of identifying potential threats and reacting to them before they impact the business.
7 useful hardware pen testing tools
Penetration testers use a variety of hardware to conduct security assessments, including a powerful laptop, Raspberry Pi, Rubber Ducky and more.
Common Vulnerabilities and Exposures (CVE)
Common Vulnerabilities and Exposures (CVE) is a publicly listed catalog of known security threats.
cybersecurity asset management (CSAM)
Cybersecurity asset management (CSAM) is the process created to continuously discover, inventory, monitor, manage and track an organization's assets to determine what those assets do and identify and automatically remediate any gaps in its ...
authentication
Authentication is the process of determining whether someone or something is who or what they say they are.
ISO 27002 (International Organization for Standardization 27002)
The ISO 27002 standard is a collection of information security management guidelines that are intended to help an organization implement, maintain and improve its information security management.
privacy impact assessment (PIA)
A privacy impact assessment (PIA) is a method for identifying and assessing privacy risks throughout the development lifecycle of a program or system.
supercookie
A supercookie is a type of tracking cookie inserted into an HTTP header to collect data about a user's internet browsing history and habits.
What an email security policy is and how to build one
Companies must have an effective security policy in place to protect email from cybercriminals and employee misuse. Learn how to build one for your company.
What does an IT security manager do?
IT security managers need to have a passion for learning and critical thinking skills, as well as understand intrusion prevention and detection.
Top 12 IT security frameworks and standards explained
Several IT security frameworks and cybersecurity standards are available to help protect company data. Here's advice for choosing the right ones for your organization.
How to create a company password policy, with template
Use these guidelines and our free template to ensure your company's password policy sets the ground rules for strong and effective password creation and use.
integrated risk management (IRM)
Integrated risk management (IRM) is a set of proactive, businesswide practices that contribute to an organization's security, risk tolerance profile and strategic decisions.
How to use SDelete to ensure deleted data is gone for good
When data is deleted from a disk, is it gone? One way to make sure file info is permanently erased is to use SDelete, a utility specifically tailored to remove key data.
Plundervolt
Plundervolt is the name of an undervolting attack that targeted Intel central processing units (CPUs).
SSAE 16
The Statement on Standards for Attestation Engagements No. 16 (SSAE 16) is a set of auditing standards and guidance on using the standards, published by the Auditing Standards Board (ASB) of the American Institute of Certified Public Accountants (...
12 common types of malware attacks and how to prevent them
The umbrella term malware is one of the greatest cybersecurity threats enterprises face. Learn about 12 common types of malware and how to prevent them.
soft token
A soft token is a software-based security token that generates a single-use login personal identification number (PIN).
Structured Threat Information eXpression (STIX)
Structured Threat Information eXpression (STIX) is a standardized Extensible Markup Language (XML) programming language for conveying data about cybersecurity threats in a way that can be easily understood by both humans and security technologies.
antispoofing
Antispoofing is a technique for identifying and dropping packets that have a false source address.
Google Authenticator
Google Authenticator is a mobile security application that provides a second type of confirmation for websites and online services that use two-factor authentication (2FA) to verify a user's identity before granting him or her access to secure ...
Cybersecurity vs. cyber resilience: What's the difference?
Companies need cybersecurity and cyber-resilience strategies to protect against attacks and mitigate damage in the aftermath of a successful data breach.
Secure Sockets Layer certificate (SSL certificate)
A Secure Sockets Layer certificate (SSL certificate) is a small data file installed on a web server that allows for a secure, encrypted connection between the server and a web browser.
speculative risk
Speculative risk is a type of risk the risk-taker takes on voluntarily and will result in some degree of profit or loss.
Allowlisting vs. blocklisting: Benefits and challenges
Allowlisting and blocklisting are key components of access control. Learn the benefits and challenges of each approach and why a combination of the two is often the best strategy.
How to conduct a cyber-resilience assessment
It's a good cyber-hygiene practice to periodically review your organization's cybersecurity plans and procedures. Use this checklist to guide your cyber-resilience assessment.
What are the most important email security protocols?
Email was designed without security considerations. Email security protocols, including SMTPS, SPF and S/MIME, add mechanisms to keep messaging safe from threats.
security awareness training
Security awareness training is a strategic approach IT and security professionals take to educate employees and stakeholders on the importance of cybersecurity and data privacy.
5 steps to achieve a risk-based security strategy
Learn about the five steps to implement a risk-based security strategy that helps naturally deliver compliance as a consequence of an improved security posture.
chief risk officer (CRO)
The chief risk officer (CRO) is the corporate executive tasked with assessing and mitigating significant competitive, regulatory and technological threats to an enterprise's capital and earnings.