All Articles

A Texas firm recently charged with conspiring to distribute synthetic opioids in the United States is at the center of a vast network of companies in the U.S. and Pakistan whose employees are accused of using online ads to scam westerners seeking hel

In the ever-evolving landscape of cybersecurity, organizations face a constant struggle: how to best allocate limited resources to maximize their defensive posture. No one has enough budget, personnel, or tools to defend against every conceivable thr

By Byron V. Acohido

SAN FRANCISCO — The cybersecurity industry showed up here in force last week: 44,000 attendees, 730 speakers, 650 exhibitors and 400 members of the media flooding Moscone Convention Center in the City by the Bay. Related: RSAC 20

In what experts are calling a novel legal outcome, the 22-year-old former administrator of the cybercrime community Breachforums will forfeit nearly $700,000 to settle a civil lawsuit from a health insurance company whose customer data was posted for

The U.S. government today unsealed criminal charges against 16 individuals accused of operating and selling DanaBot, a prolific strain of information-stealing malware that has been sold on Russian cybercrime forums since 2018. The FBI says a newer ve

My article on Help Net Security highlighting how the banking industry is leveraging their powerful lobbying groups to try and undermine the U.S. Securities and Exchange Commission 4-day cybersecurity reporting rule, which has been in place for over a

Banking industry lobbyists are pressuring the SEC to gut the four-day breach disclosure rule — an essential safeguard for shareholders and potential victims. Their arguments are misleading, self-serving, and designed to protect profits over public tr

In the world of cybersecurity leadership, resource allocation is far from a simple budgeting exercise. It is a strategic chess game where every move has a price, and the consequences of each decision resonate across systems, teams, and risk landscape

Russia is one of the most aggressive nations when it comes to state coordinated cyberattacks — and Ukraine has been at the center of their crosshairs for 3 years. This report, provided the State Service of Special Communications and Information Prote

As cryptocurrency becomes more popular and the adoption rises, we see a related increase in the number of cybercrimes, fraud, and malware schemes. Criminals like to hunt and plunder where there is money! If you hold cryptocurrency or are using Web3 p

Gemini imagines RSA 2025 (very tame!)

Ah, RSA. That yearly theater (Carnival? Circus? Orgy? Got any better synonyms, Gemini?) of 44,000 people vaguely (hi salespeople!) related to cybersecurity … where the air is thick with buzzwords and the v

Top 10 posts with the most lifetime views (excluding paper announcement blogs, Medium posts only):

1. Security Correlation Then and Now: A Sad Truth About SIEM
2. Can We Have “Detection as Code”?
3. Detection Engineering is Painful — and It Shouldn’t Be (

Another big healthcare sector data breach, impacting 480 thousand Catholic Health patients. Their 3rd party vendor Serviceaide is the root cause of this exposure.

This is the latest in many healthcare data breaches this year! Year-to-Date we are at a

Very excited to share that I’m now offering cyber security leadership coaching!

With over 35 years of experience, I have become an outspoken advocate, mentor, and respected authority in the field of cybersecurity.

I can work with you on…

✅ Understanding

Thank you to everyone who joined us on board for the CISO Cocktail Reception at RSA Conference 2025! It was a truly special evening, and we’re so glad to have shared it with our incredible cybersecurity community. We were thrilled to be a part of the