When Good People Struggle: The Human Side of Security Misalignment
Security challenges aren’t usually about tools—they’re about people, alignment, and the unseen friction that builds when roles, workflows, and reality drift apart.
blog
Invisible Gateways: The Hidden IoT Security Risk Threatening Organizations
Connected devices are changing how we work—but they’re also opening invisible gateways for attackers. In this article, Phillip Wylie breaks down how IoT vulnerabilities are being exploited and what organizations can do to close these unseen entry points.
Less to Protect, More to Gain: Rethinking Compliance Through Scope Reduction
Doing less can deliver more. Scope reduction reduces risk, simplifies compliance, and makes regulated opportunities attainable for any organization willing to focus on what really matters.
Reflections on the CVSS Keynote
Go talk to some VM teams, and you, too, will see what I see.
Modern Security Posture Management: Solving the Hardest Problems with Cloud and APIs
Security Posture Management (SPM) is transforming how organizations secure data, infrastructure, and applications. Learn how cloud and APIs have evolved from security risks into modern SPM enablers.
Penguins & Securing Agentic AI Before It’s Too Late
The problem is that most security models weren’t designed with agent autonomy in mind.
The Tier Trap: How the Most Popular Cybersecurity Framework Gets Misused
Treating CSF Tiers as maturity scores creates a dangerous illusion… boards believe Tier 4 means secure, when in reality it does not.
Structuring a Unified Cybersecurity Program Across IT and OT Environments
Cybersecurity programs are most effective when they serve more than a compliance function. In public utilities and other critical infrastructure environments, the program must support operational reliability, safety, and public trust.
The Looming Threat of AI-Powered Malware
At HOU.SEC.CON 2024, Justin Hutchens reveals how AI-powered malware could outmaneuver traditional defenses, calling for urgent shifts in cybersecurity strategy.