What To Expect and Consider When Hiring A CISO

The market for top-tier CISOs is now highly competitive. Information cybersecurity has become a high-profile corporate concern, and the bar has been raised on the pool of qualified candidates. By one estimate there were 2,700 CISO job openings in the United States in June 2015. So even if organizations are able to effectively evaluate candidates [...]

Cybersecurity is a Proactive Journey, Not a Destination

Cybersecurity continues to grab spotlight and mindshare as it pertains to computing and social trends. The topic itself is broad and expansive, and the true impact of this segment of computing will be around for generations to come. For strong perspective on where the industry stands in its current state, ISACA’s State of Cybersecurity 2018 research is [...]

The AI Calculus – Where Do Ethics Factor In?

While artificial intelligence and machine learning deployment are on the rise – and generating plenty of buzz along the way – organizations face difficult decisions about how, where and when to introduce AI. In a session Tuesday at the 2018 GRC Conference in Nashville, Tennessee, USA, co-presenters Kirsten Lloyd and Josh Elliot laid out many of the [...]

Four Unit 42 Vulnerability Researchers Make MSRC Top 100 for 2018

Palo Alto Networks Unit 42 is proud to announce that four of our researchers were named to the Microsoft Security Response Center (MSRC) “Top 100 Security Researchers List” for 2018. This is the third year Unit 42 researchers have been included in this prestigious list, which is announced every year at Black Hat. This year’s [...]

In OT Environments, Security Must Not Be an Afterthought

The dream of a cloud-enabled operational technology, or OT, environment is becoming a reality thanks to daily innovations in technology, which have the potential of turning legacy control systems into integrated IIoT instances. These changes are happening at a fast pace, and are often extraordinary in scale. Large scale ICS SCADA systems, such as those [...]

Threat Brief: Cyber Attackers Using Your Home Router To Bring Down Websites

In recent research, Palo Alto Networks found attackers were targeting home routers to take control and use them for attacks against other websites that can bring them down. Here we explain this type of attack and what you should do.   Why should I care, what can it do to me? These attacks could affect you [...]

CVE and Cloud Services, Part 1: The Exclusion of Cloud Service Vulnerabilities

The vulnerability management process has traditionally been supported by a finely balanced ecosystem, which includes such stakeholders as security researchers, enterprises, and vendors. At the crux of this ecosystem is the Common Vulnerabilities and Exposures (CVE) identification system. In order to be assigned an ID, vulnerabilities have to fulfill certain criteria. In recent times, these [...]