Most security breaches aren’t a consequence of inadequate security controls but are a direct result of human failure. So why do humans make mistakes? What triggers our behavior, and why are we so susceptible to manipulation? Understanding these triggers will greatly help organizations change their approach to information security.

https://www.securitymagazine.com/articles/96918-10-cognitive-biases-that-can-derail-cybersecurity-programs

Enterprises globally must harden existing firewall configurations; this is a non-negotiable activity. Over time firewall configurations experience a “drift” between what the business requires and what’s become obsolete.

https://www.securitymagazine.com/articles/96917-firewall-hardening-a-critical-business-need

Instead of focusing on preventing breaches, cybersecurity professionals should focus on improving security hygiene and resilience. More important than building up walls, organizations should prioritize minimizing costs, downtime and disruption in the case of an eventual cyberattack.

https://www.securitymagazine.com/articles/96916-even-the-most-experienced-cyber-professionals-agree-we-cant-prevent-all-breaches

The Texas Department of Public Safety has provided three resources to school communities to prevent potential violence, including tip reporting software called iWatchTexas, an alert system and school safety education.

https://www.securitymagazine.com/articles/96912-3-texas-public-safety-resources-maintaining-school-security

Supply chain shortages, a focus on sustainability and a changing workforce to reshape technologies — what are seven trends that will impact the physical security industry in 2022?

https://www.securitymagazine.com/articles/96910-7-trends-that-will-impact-the-security-and-identity-industry-in-2022

A recent ransomware attack disrupted Maryland Department of Health (MDH) operations.

https://www.securitymagazine.com/articles/96901-maryland-dept-of-health-confirms-ransomware-attack

Ukraine has suffered a massive cyberattack that has affected Ukrainian foreign ministry, the cabinet of ministers and the security and defense council.

https://www.securitymagazine.com/articles/96907-massive-cyberattack-hits-ukrainian-government

El Salvador is the latest country to register numerous victims of Pegasus spyware.

https://www.securitymagazine.com/articles/96906-pegasus-used-to-target-el-salvador-activists-journalists

The Security Executive Council (SEC) will award scholarships of up to $7,500 to students who exemplify security leadership skills and are enrolled in select university partner programs.

https://www.securitymagazine.com/articles/96909-sec-launches-security-degree-scholarships

Andrew Myerberg, former Director of Seattle’s Office of Police Accountability, has been named the city’s new Director of Public Safety.

https://www.securitymagazine.com/articles/96908-andrew-myerberg-named-seattle-director-of-public-safety

Save the date for the top 28 cybersecurity conferences taking place around the world in 2022, featuring topics from ethical hacking to human behavior analysis in cybersecurity.

https://www.securitymagazine.com/articles/96895-top-28-cybersecurity-conferences-of-2022

Enterprise security leaders who outsource some aspects of their cybersecurity responsibilities have reported faster attack detection and response rates. Here are seven tips when looking for the right cybersecurity partner for an organization.

https://www.securitymagazine.com/articles/96894-meeting-the-moment-for-hybrid-work-cybersecurity

The secure access service edge (SASE) is a key aspect of edge security. Cybersecurity professionals looking to further secure their cloud environments can review the concept and best practices for implementation in this article.

https://www.securitymagazine.com/articles/96893-viewpoint-on-edge-security-what-to-know-about-sase

Vertical markets are implementing mobile and cloud access solutions to streamline access and reduce costs.

https://www.securitymagazine.com/articles/96905-vertical-markets-benefit-from-mobile-and-cloud-access-solutions

Lenny Maly has been tapped by Granicus to serve as Chief Information Security Officer (CISO). In this role, Maly will lead the company’s dedicated security organization, helping set new cloud-security standards that enable accelerated government digital transformation.

https://www.securitymagazine.com/articles/96902-lenny-maly-named-granicus-ciso

Cisco Talos discovered a malicious campaign in October 2021 delivering variants of Nanocore, Netwire and AsyncRATs targeting users’ information.

https://www.securitymagazine.com/articles/96900-hackers-buying-space-from-major-cloud-providers-to-distribute-malware

The San Francisco Bay Area Rapid Transit (BART) system has implemented a crisis intervention program onboard their trains and inside stations, using a proactive approach to reduce the risk of safety incidents.

https://www.securitymagazine.com/articles/96903-bart-crisis-intervention-specialists-reduce-security-incidents-on-transit

Cybersecurity executive Neda Pitt has been appointed the new Chief Information Security Officer (CISO) at Globality, a vendor sourcing platform for enterprise organizations.

https://www.securitymagazine.com/articles/96899-neda-pitt-appointed-ciso-of-globality

The Albuquerque Public Schools student information system has been compromised in a cyberattack, prompting the closure of schools serving over 85,000 students in New Mexico.

https://www.securitymagazine.com/articles/96898-cyberattack-forces-albuquerque-schools-to-close

APT35 (aka Charming Kitten, TA453, or Phosphorus) started widespread scanning and attempted to leverage Log4j flaw in publicly facing systems only four days after the vulnerability was disclosed, according to new Check Point research.

https://www.securitymagazine.com/articles/96897-iran-linked-apt35-group-exploits-log4shell-flaw