Insight No. 1 — Cyber calm: Lead like a Zen master, fight like a ninja Remaining calm is a cornerstone of effective leadership during a cyberattack. Staying composed under pressure not only helps you manage the crisis but also shapes how your team and stakeholders respond. A calm demeanor fosters ... Read More

Insight No. 1 — Phishing 2.0: Time to throttle your old password With phishing attacks growing more sophisticated — using AI, QR codes and hijacked emails — take action by enabling multifactor authentication (MFA) and updating passwords frequently. Always verify sensitive requests, even from familiar sources, and approach QR codes ... Read More

Insight No. 1 — Cheaping out on cybersecurity & dental hygiene both lead to pain & cost When it comes to security budget cuts, not all choices are equal: Some can leave your organization wide open to attacks. Skimping on staff training and technology upgrades might seem like an easy ... Read More

Insight No. 1 — We are frogs, falling asleep in security-debt stew Companies are drowning in high-risk software security debt, with critical vulnerabilities festering for an average of 252 days before they’re fixed — long enough to turn your tech stack into a hacker’s swamp. The old-guard application security tools ... Read More

Insight No. 1. — Ransomware groups are using CISA’s KEV catalog as a runbook  Given that CISA's Known Exploited Vulnerabilities (KEV) catalog highlights the most actively exploited and critical Common Vulnerabilities and Exposures (CVEs), it's no surprise ransomware groups are targeting them. Organizations must recognize this obvious threat: If CISA ... Read More

Insight #1 - Veracode report: Flaw fix times increase 47% since 2020 Veracode’s 2025 State of Software Security report exposes a troubling trend — flaw fix times have surged 47%, jumping from 171 days in 2020 to 252 days in 2025.  This staggering delay highlights the failures of outdated SAST ... Read More

Want credibility? Don’t hide in a closet after a security incident Be transparent with stakeholders during a security incident by clearly communicating what is being done and when they can expect updates. Transparency builds credibility and helps rebuild trust by showing accountability and keeping everyone informed, reducing uncertainty and skepticism ... Read More

Insight No. 1: Never fear: Security can handle the workload According to a recent survey from Adaptavist, two out of five (39%) IT and security leaders warn that “excessive workloads” could lead to major security incidents for their companies. I believe this concern is overblown. Security teams can address these ... Read More

Insight No. 1: You should be staging cyberattacks Cyberattacks are becoming more frequent and sophisticated, posing a significant threat to businesses of all sizes.Crisis simulations — one of which is now included in the latest MITRE ATT&CK Evaluations testfocusing on cloud security — play a crucial role in preparing for ... Read More

Insight No. 1: DORA’s knocking at your door DORA is already in effect! For those who haven't started, playing catch-up could be a costly mistake. Organizations that fail to comply with the established ICT risk management framework could face significant fines and reputational damage. Beyond your own company risk profile, ... Read More