Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest Posts

Applying a 'Three-Box Solution' to Identity Security Strategies

Physical and network barriers that once separated corporate environments from the outside world no longer exist. In this new technological age defined by hybrid, multi-cloud and SaaS, identities are the perimeter. Any one identity—workforce, IT, developer or machine—can become an attack path to an organization’s most valuable assets.

The Rise of the Machines and the Growing AI Identity Attack Surface

In 1968, a killer supercomputer named HAL 9000 gripped imaginations in the sci-fi thriller “2001: A Space Odyssey.” The dark side of artificial intelligence (AI) was intriguing, entertaining and completely far-fetched. Audiences were hooked, and numerous blockbusters followed, from “The Terminator” in 1984 to “The Matrix” in 1999, each exploring AI’s extreme possibilities and potential consequences.

The Human Factor in a Tech-Driven World: Insights from the CrowdStrike Outage

The idea that people are the weakest link has been a constant topic of discussion in cybersecurity conversations for years, and this may have been the case when looking at the attack landscape of the past. But we live in a new world where artificial intelligence (AI), large language models (LLMs) and deep fake technology are changing every day.

Zero Standing Privileges: The Essentials

In December, I’ll have been with CyberArk for seven years, and at a similar point, I’ll have spent two years leading product marketing for cloud security at the company. In my short tenure with CyberArk Product Marketing, I’ve advocated for zero standing privileges (ZSP) as a default mechanism for implementing privilege controls. It’s easier, more effective and doesn’t change how people work.

EP 59 - The Persistent Pursuit of Digital Transformation

In this episode of the Trust Issues podcast, Debashis Singh and host David Puner explore the intricate world of digital transformation and identity security. Debashis, the Global CIO at Persistent Systems, shares his frontline insights on the singular challenges and strategies organizations face on their digital transformation journeys.

CIO POV: CrowdStrike Incident Offers 3 Digital Resilience Lessons

On July 19, 2024, organizations around the world began to experience the “blue screen of death” in what would soon be considered one of the largest IT outages in history. Early rumors of a mass cyberattack were quickly squashed: it seemed a minor software update was to blame for countless shopping excursions cut short, airline flights grounded and critical surgeries postponed.

AI Treason: The Enemy Within

tl;dr: Large language models (LLMs) are highly susceptible to manipulation, and, as such, they must be treated as potential attackers in the system. LLMs have become extremely popular and serve many functions in our daily lives. Every reputable software company integrates artificial intelligence (AI) into its products, and stock market discussions frequently highlight the importance of GPUs. Even conversations with your mother might include concerns about AI risks.

Navigating Cloud Security: A Shared Responsibility

Each July, my family and I take a road trip from Kentucky back to my hometown in northwestern Pennsylvania to spend time on Lake Erie. As tradition dictates, we stop along I-71 for coffee at a branch of a certain coffee shop, which also happens to be my former employer as a teen. (Let’s call it Siren Coffee.) This year, we sat waiting in the drive-thru for a drip coffee for a full 10 minutes.

EP 58 - Trust and Resilience in the Wake of CrowdStrike's Black Swan

In this episode of Trust Issues, we dig into the recent global IT outage caused by a CrowdStrike software update, which impacted millions of Microsoft Windows endpoints and disrupted many sectors. This “black swan” event highlights, among other things, the importance of preparedness, adaptability and robust crisis management.

5 Strategies for Setting the Right Cybersecurity KPIs

Cybersecurity key performance indicators (KPIs) measure the efficacy of an organization’s cybersecurity program. In a rapidly changing threat landscape characterized by new identities, environments and attack methods, many potential KPIs exist to track. Measuring too many things can be distracting or misleading, while not measuring enough can create gaps in understanding and protection.