Wendy Nather On Cyber Lessons That Come From The Near-Misses
In CYBR.SEC.CAST Episode 66, Wendy Nather explains why cybersecurity’s biggest lessons aren’t coming from breaches, but from the near-misses no one talks about.
In CYBR.SEC.CAST Episode 66, Wendy Nather explains why cybersecurity’s biggest lessons aren’t coming from breaches, but from the near-misses no one talks about.
After enduring years of cyberstalking, Kelley Misata transformed personal trauma into a cybersecurity movement, helping nonprofits close dangerous security gaps the industry still doesn’t understand.
A cascading series of supply-chain compromises spanning GitHub pipelines, npm, PyPI, and core developer tools has exposed how deeply attackers can exploit the trust fabric of modern software, leaving organizations scrambling to assume everything is compromised.
Industry veteran Theresa Lanowitz says the modern software supply chain has become too complex to see, too critical to ignore, and too exposed to secure the old way.
Mike Holcomb’s OT security training cuts through theory and brings IT and OT professionals together around one goal: understanding how industrial environments actually work and how to secure them before failure becomes physical.
Iran's proxies hacked the FBI director who vowed to hunt them down.
Cybersecurity has outgrown the SOC. As attacks spill into water systems, hospitals, and critical infrastructure, OT.SEC.CON will bring together the practitioners, policymakers, and operators redefining what defense looks like when cyber risk becomes physical risk.
The tens of thousands of at-risk water utilities across this country are still out there — now slightly more aware of how exposed they are, which isn’t exactly progress.
Critical infrastructure organizations reported thousands of incidents in the covered period, and year-over-year data shows a roughly 180% increase in the exploitation of vulnerabilities as an initial access path, concentrated heavily on edge devices and remote access infrastructure.
The RSAC 2026 expo floor didn’t just reflect the cybersecurity market — it exposed how vendors think buyers buy. Right now, that means AI everywhere, clarity nowhere, and a growing gap between messaging and meaning.
ICIT Executive Director Valerie Moon says the United States remains unprepared for critical infrastructure attacks that come with modern geopolitical conflict.
The warped cybersecurity jobs market is a major topic of discussion at RSAC, and was the focus of a recent podcast with ICIT Executive Director Valerie Moon.
The Office of the Director of National Intelligence’s 2026 Annual Threat Assessment (ATA) highlights escalating risks to the U.S. from China, Russia, Iran, North Korea, and aggressive ransomware actors, emphasizing pre-positioning in key systems for potential disruption during crises.
The Purdue Model has long been the GuideStar for securing factories, power plants, and water systems: layer your sensors at the bottom, controllers above, and tie it all to enterprise IT at the top with firewalls segmenting between. Simple. Effective. Or so the industry told itself.
Dragos CEO and Army National Guard Lt. Col. Rob Lee explains how Cyber Fortress brings together military units, infrastructure operators, and international partners to train for real-world cyberattacks against operational technology systems.
Dragos CEO and National Guard Lt. Col. Rob Lee warns that cyber operations targeting civilian infrastructure, from hospitals to water systems, are crossing a dangerous line the cybersecurity community must confront directly.