Going Beyond Secure by Demand
Secure by Demand offers a starting point for third-party risk management teams, but they need to take the essential step…
Cross-Site Scripting Is 2024’s Most Dangerous Software Weakness
MITRE and CISA's 2024 list of the 25 most dangerous software weaknesses exposes the need for organizations to continue to…
African Reliance on Foreign Suppliers Boosts Insecurity Concerns
Recent backdoor implants and cyber-espionage attacks on their supply chains have African organizations looking to diversify beyond Chinese, American tech…
Bill Gates’ insane plan to ‘save’ us: Block out the sun
Bill Gates has more money than most of us can even imagine. If he wanted, he could disappear to some…
GitHub projects targeted with malicious commits to frame researcher
GitHub projects have been targeted with malicious commits and pull requests, in an attempt to inject backdoors into these projects. Most recently, the…
The Future of Cybersecurity: Predictions for 2025 and Beyond
by Gary S. Miliefsky, CISSP, fmDHS As the publisher of Cyber Defense Magazine, I have a great honor and pleasure…
Lessons From OSC&R on Protecting the Software Supply Chain
A new report from the Open Software Supply Chain Attack Reference (OSC&R) team provides a framework to reduce how much…
Middle East Cybersecurity Efforts Catch Up After Late Start
Despite having only a scant focus on cybersecurity regulations a decade ago, countries in the Middle East — led by…
The PANCCD™ Model: Strengthening Cyber Resiliency and Compliance
by Gary S. Miliefsky, CISSP, fmDHS I came up with this model to simplify cybersecurity, resiliency and regulatory compliance for…
Preparing for DORA Amid Technical Controls Ambiguity
The European Union's Digital Operational Resilience Act requires financial entities to focus on third-party risk, resilience, and testing.