This article discusses common mistakes organizations make when conducting tabletop exercises for incident response. It highlights the importance of clear objectives, realistic scenarios, and involving diverse stakeholders to ensure these simulations effectively test preparedness for cyber incidents.
Dragos has acquired xIoT security firm Phosphorus. This acquisition is expected to enhance asset visibility, device intelligence, and automated remediation workflows for Dragos customers.
This article presents a pop quiz specifically for the CompTIA A+ 220-1201 certification exam, focusing on a topic applicable to a wide range of IT systems. It is hosted on Professor Messer's website, known for providing free IT certification training resources.
Managed Service Providers (MSPs) are evolving beyond basic vCISO (virtual Chief Information Security Officer) tools, which previously focused on assessments, advisory, and reporting. The industry is shifting towards "Security Growth Platforms" to meet the expanding needs of MSPs and Managed Security Service Providers (MSSPs).
A significant portion of CISOs admit their organizations are not adequately protecting data or are unprepared for cyberattacks, indicating critical security gaps. The article outlines six key areas CISOs must address, including a perception gap where security is still viewed primarily as an IT problem rather than a business resilience issue.
The CSO30 ASEAN & Hong Kong Awards are now open for nominations for 2026, recognizing cybersecurity leaders and teams for their contributions to regional resilience. The awards aim to highlight impactful achievements in strengthening cyber posture, influencing strategic decisions, and building ecosystem partnerships.
This post, titled "Friday Squid Blogging: Another Squid," serves as a recurring informal update and discussion thread for readers of Schneier on Security. It mentions a "West Country legend" named Squid and encourages readers to discuss other security news stories not covered by the author.
Dark Reading is celebrating its 20th anniversary by asking readers to submit cybersecurity-related captions for a cartoon. The initiative aims to reflect on the progress and evolution of the cybersecurity industry over the past two decades.
The cyber insurance market in Asia has historically struggled to gain traction due to various challenges. However, recent indications suggest a potential resurgence and growth in this sector across the region.
Public companies are now required by the SEC to include a section in their annual 10-K filings detailing their cybersecurity risk management, strategy, governance, and incidents. This article analyzes these filings, focusing on the top 200 S&P companies, to understand how senior executives are reporting on their cybersecurity posture and to identify trends. The research specifically examines the role of the Chief Information Security Officer (CISO) and their reporting structure.
Snowflake has acquired Natoma, a data security startup focused on preventing unauthorized access and data leakage. This acquisition aims to bolster Snowflake's security offerings, particularly in protecting sensitive data from rogue agents and insider threats.
Geordie, a company focused on AI security and governance, has successfully raised $30 million in a funding round. The round was led by Balderton Capital, with participation from Crosspoint Capital and existing investors General Catalyst and Ten Eleven Ventures.
This article presents a pop quiz for the CompTIA Security+ SY0-701 certification exam, focusing on a specific topic with an unexpected development. It is part of a series of practice questions designed to help individuals prepare for the certification.
This article discusses how the cyber insurance industry is compelling organizations to quantify their security risks. It explores what cyber insurance policies typically cover and highlights how this focus on risk assessment can ultimately improve overall cybersecurity posture.
This article presents a pop quiz for the CompTIA A+ 220-1201 certification, focusing on hardware identification and terminology. It's part of Professor Messer's free IT certification training resources.
A new report from LayerX Security indicates that enterprise AI risk is not evenly distributed but is instead concentrated among a small group of "AI power users." This suggests a significant visibility gap in how organizations understand and manage their AI-related security exposures.
A survey of CISOs in Nordic countries indicates that most are not experiencing an increase in the severity or frequency of cyberattacks compared to two years ago. This resilience is observed despite the growing prevalence and capabilities of artificial intelligence in the threat landscape.
Sophos has been recognized as the number one vendor in multiple categories by G2 for the second consecutive time in their Summer 2026 Reports. The company received top rankings in Endpoint, EDR, XDR, MDR, and Firewall solutions, alongside an overall #1 position.
Gartner has released its 2023 Magic Quadrant for Endpoint Protection Platforms (EPP), a report evaluating vendors in the endpoint security market. The report assesses vendors based on their ability to execute and completeness of vision. Sophos is recognized for its strengths in the market.
Professor Messer is offering a Security+ Success Bundle that includes downloadable course notes and practice exams to help individuals prepare for the CompTIA Security+ exam. This resource is designed to supplement his free video series and test users' knowledge of the exam objectives.
SecurityWeek announced its third annual AI Risk Summit, scheduled for August 11-12 at the Ritz-Carlton in Half Moon Bay. The event will convene CISOs, security leaders, AI researchers, developers, policymakers, and enterprise risk professionals.
The cybersecurity industry has undergone a significant transformation since 2006, evolving from a focus on perimeter defense to the current landscape of AI-native security. This evolution is examined through a technological lens as part of Dark Reading's 20th-anniversary coverage.
Professor Messer is offering a free quiz for the CompTIA A+ 220-1202 certification. This quiz is designed to help individuals test their knowledge and prepare for the exam. The post links back to Professor Messer's IT certification training courses.
This article provides a humorous and metaphorical guide to "hacking" a call-for-proposal (CFP) platform to secure a speaker gig at a conference. It uses cybersecurity analogies to explain how to manipulate the system and craft a compelling submission.
Lastwall has successfully raised $11.5 million in funding, primarily led by BDC Capital's StrongNorth Fund. This investment is intended to fuel the company's expansion into the North American market with its quantum-resilient identity platform.
Sophos has been recognized as a Leader in the 2026 Gartner Magic Quadrant for Endpoint Protection for the 17th consecutive time. The report highlights the ongoing importance of strong endpoint protection, particularly in an AI-driven threat landscape, emphasizing its effectiveness when integrated into a broader defense strategy.
This article presents a pop quiz designed to test knowledge of the CompTIA Network+ N10-009 certification. It focuses on topics related to network mapping and infrastructure.
This article presents a pop quiz for the CompTIA A+ 220-1201 certification exam, focusing on a specific topic within the exam material. It is part of a series of free training resources offered by Professor Messer.
This article is a tribute to Tim Wilson, co-founder and former editor-in-chief of Dark Reading, who passed away five years ago. It reflects on his significant contributions to building and elevating the cybersecurity media site as it enters its third decade.
This article from Professor Messer presents a pop quiz for the CompTIA A+ 220-1202 certification. It is designed as a free resource to help individuals prepare for the exam and test their knowledge.
Bug bounty platform HackerOne has significantly reduced its payouts for critical and high-severity vulnerability discoveries. This move comes as part of a broader restructuring aimed at financial sustainability and reflects a shift in how bug bounty programs are incentivized.
The proliferation of AI agents in enterprises necessitates new approaches to managing, securing, and governing their identities. Research indicates that the budget allocation for AI agent identity management differs significantly from traditional Identity and Access Management (IAM) projects.
This article presents a pop quiz focused on the SY0-701 CompTIA Security+ certification exam, specifically covering the topic of "A forest of data". It is designed to help individuals prepare for their Security+ certification.
This article presents a pop quiz for the CompTIA A+ 220-1202 certification exam, focusing on topics that require clarification. It aims to help individuals preparing for the certification test by providing practice questions.
Flipper Devices is seeking community assistance to develop Flipper One, an open Linux platform designed for connected devices. This initiative aims to build a robust and customizable ecosystem for their pentesting tools.
Socket, a security company focused on protecting open-source software supply chains, has announced it has raised $60 million in funding, bringing its valuation to $1 billion. The company plans to use this investment to enhance its firewall technology, develop certified patches, expand protection features, introduce new products, and grow its team.
TCM Academy has released a new course titled "Introduction to Windows Forensics." This course is designed to teach foundational skills in digital forensics specifically for Windows operating systems.
Quantum Bridge has secured $8 million in Series A funding, bringing their total raised to $16 million. The company is developing a quantum-safe key distribution solution.
Infosecurity Europe, a major cybersecurity event, is scheduled to take place in Barcelona from June 4-6, 2024. The event will feature keynotes, panel discussions, and networking opportunities focusing on current and future cybersecurity challenges.
Professor Messer has released a new pop quiz for the CompTIA A+ 220-1201 certification. This quiz is part of his free IT certification training resources designed to help individuals prepare for their exams.
GitHub is modifying its bug bounty program, shifting from cash rewards to swag for low-impact vulnerability reports and emphasizing user responsibility for security. The platform has seen a surge in submissions, partly due to AI tools, leading to a need to filter out less significant reports and focus on genuine security risks.
This article presents a pop quiz for the CompTIA Network+ N10-009 certification. It focuses on a specific topic within the certification, likely related to network cable colors or similar identification methods relevant to networking professionals.
This article reflects on two decades of cybersecurity evolution, highlighting shifts from perimeter defense to assume-breach strategies. It warns that despite advancements like AI and cloud adoption, organizations are still neglecting fundamental security hygiene, leaving them vulnerable to sophisticated attacks.
This article is a short pop quiz related to the CompTIA A+ certification exam (220-1202), presented by Professor Messer. It offers a free training resource for individuals preparing for IT certifications.
Professor Messer is offering a free pop quiz for the CompTIA A+ 220-1201 certification exam. This quiz is designed to help individuals test their knowledge and prepare for the certification. The resource is provided through his IT certification training courses.
Many organizations repeatedly purchase new security tools to address perceived gaps, yet struggle with fundamental visibility issues. This cyclical approach, driven by a desire to appear proactive, often fails to improve overall security posture because the core problem of understanding assets, access, and activity remains unaddressed. True risk reduction comes from comprehensive visibility rather than an accumulation of specialized tools.
This article is a pop quiz for the CompTIA A+ 220-1202 certification exam. It presents a question related to hardware troubleshooting scenarios, asking about the best course of action when a computer powers on but displays no video.
Several prominent cybersecurity figures, including Robert "RSnake" Hansen, Katie Moussouris, Rich Mogull, Richard Stiennon, and Bruce Schneier, reflect on their past columns for Dark Reading. They discuss how their insights from the past 20 years remain relevant to the current cybersecurity landscape.
SecurityScorecard has acquired Driftnet to enhance its threat intelligence capabilities, particularly in understanding third-party ecosystems. This acquisition aims to provide greater visibility into supply chains, which are increasingly targeted by attackers.