Accenture's acquisition of a majority stake in Dragos and full ownership of runZero and NetRise reflects growing urgency across the cybersecurity industry to defend critical infrastructure against nation-state threats, particularly those attributed to China.
From our first episode of CYBR.Minded: Security teams are drowning in alerts, responsibility and impossible expectations. Until recently, the industry treated it as a personal problem instead of a systemic one.
Cybersecurity has been built around a simple equation: risk equals probability multiplied by impact. John Kindervag, creator of the Zero Trust Framework and chief evangelist at Illumio, says the equation assumes something defenders rarely possess: a reliable way to calculate probability.
From the CYBR.SEC.Community
A utility trusts its operating picture because measurements return in expected ranges, alarms correlate with physical events, crews report back from the field, substations behave consistently, and the model of the grid keeps meeting the grid itself. Return is how reality becomes believable.
Summer conference season in full swing, and security marketing teams are in full-on "how to we capture more mindshare" mode. Every vendor wants to hit a home run on marketing swag, but no one wants to break the bank on it. Here's your helpful guide...
The people on the ground often know whether that event is ordinary, suspicious, urgent, harmless, political, embarrassing, dangerous, or simply the latest chapter in a long operational story.
Dr. Eric Cole's cybersecurity accomplishments are legendary, but his willingness to speak openly about burnout is something that particularly resonated with me, as it is something many of us struggle to avoid.
Thirty years after Sean Marley died, I realize that my focus on mental health in cybersecurity started with him. This is a belated thank you to him for helping me strive for something better. He wasn't a hacker. But he sure as hell was one of us.
Critical Infrastructure SecurityOT Cybersecurity
Also this week: Introducing the CYBR.Minded podcast, why Zero Trust Framework's creator wants cybersecurity to stop talking about risk, a GPS correction tool gives Iran-linked hackers access to a major water utility, a guide to conference swag people actually want, and more!
AI and Zero Trust
Artificial intelligence has become cybersecurity's latest source of anxiety. John Kindervag, creator of the Zero Trust Framework and chief evangelist at Illumio, sees things differently.
Critical Infrastructure Security
Iranian-linked hackers reportedly breached California Water Service by pivoting through an open-source GPS correction tool to then access billing systems. The alleged intrusion laid bare security failures that federal inspectors had already flagged across hundreds of U.S. water systems.
AI Security
Security teams are caught between a rapidly expanding attack surface and accelerating adversarial use of AI. Thirty-two percent of security teams see automated, AI-fueled attacks as the single greatest driver reshaping their offensive security strategies.
AI SecurityAI GovernanceTrust vs. AI
This week: How AI is reshaping security vendor business models, disrupting cybersecurity procurement, exposing governance gaps, fueling new trust debates, and further complicating persistent threats like ransomware and Microsoft insecurity.
AI SecurityVulnerability Management
A trio of fresh flaws highlights the heightened vulnerability of the entire enterprise software stack, as the combination of automated scanning, the availability of exploit code, and patching delays is cited as a factor in the rise of vulnerability exploitation as a preferred entry point.
GRC
A new report from Cye finds that AI adoption is racing ahead of AI security, leaving organizations stuck between governance policies on paper and operational controls that can actually reduce risk. The report analyzed more than 2,400 assessments across 21 countries and 16 industries.
Podcast
Why mental health, overload, alert fatigue, and human resilience are cybersecurity issues.
Podcast
Michael and Phil were joined at CYBR.HAK.CON. by John Kindervag, Chief Evangelist at Illumio and creator of the Zero Trust Framework, for a wide-ranging conversation on risk vs. danger, personal resilience and the future of AI.
Podcast
We are joined by Crush Security co-founders Joshua Jones and Josh Johnson, plus CISO John Barrow. They discuss navigating an increasingly complex vendor ecosystem where tool sprawl, contract complexity, reseller incentives, and budget pressure make buying harder. (Sponsored by Crush Security)
Podcast
In this episode, hosts Michael Farnum and Phillip Wylie sit down with penetration tester and Red Siege founder Tim Medin to talk about turning attacker tactics into practical defensive wins.
Video
Podcast
Winn Schwartau argues that the biggest threat facing defenders isn’t just technical, but cognitive: overwhelming information flows that push humans into “mental DDoS.” He has introduced the concept of “critical ignoring” as a prerequisite to critical thinking.
Video
