All Articles

I didn’t see much visibility on this DocuSign hack. This is a situation where the product features were not vetted to understand if they could be misused by malicious fraudsters. There is not a technical vulnerability, it comes down to a design weakn

I’m thrilled to join the incredible team at The Cyber Express as a member of their Editorial Advisory Board! It’s an honor to collaborate with an esteemed group of cybersecurity experts, all dedicated to delivering accurate, timely, and valuable insi

In the evolving landscape of cybersecurity, protecting sensitive customer data is paramount, especially when it comes to payment information. One innovation that has gained traction in recent years is the dynamic CVV (Card Verification Value). For Ch

𝗜𝗺𝗽𝗹𝗲𝗺𝗲𝗻𝘁 𝗗𝘆𝗻𝗮𝗺𝗶𝗰 𝗖𝗩𝗩𝘀
𝘈𝘵𝘵𝘦𝘯𝘵𝘪𝘰𝘯 𝘙𝘉𝘐: The Future of Secure Banking is Here –

In today’s digital-first world, credit and debit card frauds pose significant challenges to both consumers and financial institutions. As card transactions grow, so do the ris

A “Perfect” 10 vulnerability score is not what users of Cisco Ultra-Reliable Wireless Backhaul (URWB) systems were expecting. The recently discovered cybersecurity vulnerability CVE-2024–20418 is remote, easy, and gives full Admin rights to the devi

I had a tremendous time at the InCyber Montreal forum. The speakers, panels, fellow practitioners, and events were outstanding!

I bumped into Dan Lohrmann and Nancy Rainosek before their panel with Sue McCauley on CISO challenges. We had some very int

Why spend the time, money, and resources on a security metrics program anyway? This section will review the Benefits of a Security Metrics Program 

A Lesson for Security Metrics from the Traffic Safety Industry 

Starting and maintaining an security

As per the SEBI circular "SEBI/HO/ ITD-1/ITD_CSC_EXT/P/CIR/2024/113" dated 20 Aug 2024 it is mandatory for all MIIs and Qualified REs to be compliant to the below DE.DP.S4 CART guidelines.

SEBI’s CART Requirement (SEBI/HO/ ITD-1/ITD_CSC_EXT/P/CIR/202

We are hosting an exclusive CISO Platform Talks session on "Offensive Security: Breach Stories to Defense Using Offense" featuring Saravanakumar Ramaiah, Director - Technology Risk Management, Sutherland and Rajiv Nandwani, Global Information Securit

This is an interesting tactic by cyber attackers — using virtual machine hard drive files to bypass email malware filters!

Never underestimate the creativity and resourcefulness of intelligent adversaries in finding ways to leverage technology for the

The SEC has fined four major companies for materially misleading investors regarding cyberattacks.

Tech in Trouble

Regulatory actions have been brought against Unisys, Avaya, Check Point, and Mimecast for their purposeful decisions to not clearly infor

It is good to see US government leaders realize that ransomware is a growing existential threat to our country, at the hands of our adversaries.

A top US national cybersecurity advisor stated in a recent op-ed, “This is a troubling practice that must

Secureworks released a report detailing how North Korean attackers are targeting western countries with a new tactic. Attackers are fraudulently obtaining positions so they can victimize the employer!

I predict we will see more of these types of attac

There are big predators in our digital world. In recent keynotes I have been talking about the big 4 aggressive nation states and how they are heavily investing in offensive cyber capabilities that trickles down to everyday cybercriminals.  

Cybersec

A recent report by Trellix indicated that due to growing complexity, responsibility, and regulatory accountability, a majority of CISOs believe their role should be split into separate positions.

This finding struck me as a little odd. It seems counte

Explaining cybersecurity is challenging, but with the right visual interface, it is easier to understand the behavioral, technical, and process aspects of cyberattacks.

For the full video Explaining Ransomware: https://www.youtube.com/watch?v=njXi-NoL

Ransomware is one of the most devastating challenges in cybersecurity today. The attacks are vicious, expensive, impactful, and becoming commonplace.

Over the years I have predicted its rise, discussed why it is so challenging, debunked myths like bla

This is how to redefine CISO events! I had a spectacular time at the “Locked In — The Cybersecurity Event of the Year!” Organized by Rinki Sethi and Lucas Moody, it was nothing short of epic! Forget long boring sessions and tracks, this was about CIS

Data breaches are among the most severe threats facing organizations in today's digital landscape. As cybercriminals become more sophisticated, businesses of all sizes are at risk of falling victim to attacks that can compromise sensitive information

The National Public Data breach has been a nightmare, exposing names, addresses, birthdates, emails, phone numbers, and Social Security Numbers of countless individuals — including mine.

As a California resident, I have the legal right to demand that