In a January 2025 advisory, CISA’s then-director, Jen Easterly, stated that “China’s sophisticated and well-resourced cyber program represents the most serious and significant cyber threat to our nation, and in particular, U.S. critical infrastructure.” Whether they aim to spy, disrupt, or destroy, safeguarding infrastructure against Salt Typhoon cyberattacks and other
If you’re in the cybersecurity business, you’ve likely invested a fair amount of time (or perhaps a lot of time) in generating cybersecurity metrics. And you may have experienced some of the frustrations that I covered in my recent article, Cybersecurity Metrics: Avoiding Common Pitfalls. In this follow-up article, I’ll
Over the last three decades the technology evolution has pushed the boundaries of traditional industries and also sparked new ones. Cybersecurity — whether viewed as a sub-faction of information security, a set of practices within the information technology industry, or a significant industry in its own right — has emerged
The most critical phase of an incident response process is recovery. Every minute business is disrupted by a cybersecurity incident, there is signifcant cost placed on the organization. A quick recovery response can help limit costs making recovery the absolute goal of responding to an incident. Organizations cannot skip critical