Successful mitigation of today’s security threats requires an approach that is both on the offensive and on the defensive. Here, we give our take on how to approach and handle specific security challenges, as well as our reaction to some of the latest industry topics.
04.09.26Featuring insights from DirectDefense’s fireside chat with Jim Broome, Rick McElroy, and Tim Armstrong Watch the Full Webinar The Reality: Cyber Risk Isn’t Changing – It’s Accelerating Budget cuts. Leaner teams. AI-generated code. Expanding attack surfaces. Cyber risk in 2026 doesn’t look entirely new, but it is moving faster, becoming harder to see, and shifting… Read more »
03.09.26Operational technology security is no longer a side conversation at RSA. It is central to the broader cybersecurity dialogue. As industrial environments become more connected, threat activity continues to evolve, and regulatory expectations increase, organizations are being pushed to strengthen how they detect and respond to incidents in OT environments. At RSA Conference 2026, DirectDefense… Read more »
09.11.25How do you build a bot that can out-talk human judgement in real time? At DEF CON’s first Battle of the Bots, we put ours to the test, and won. Team DirectDefense, consisting of Matt Bangert and Michael Tomlinson, were selected to compete in DEF CON’s first ever Battle of the Bots: Vishing Edition; a… Read more »
07.30.25Utilities are under increasing pressure to secure the path between their IT and OT environments and keep attackers out of both.
07.23.25Why Cybersecurity in Mergers and Acquisitions Can be a Dealmaker – or a Deal Breaker It’s not uncommon for companies that are approaching a merger or acquisition process to focus on financials, company culture, and operational structure, casting cyber due diligence to the wayside. If cybersecurity isn’t a key component in a company’s M&A process,… Read more »
07.21.25Unpatched SharePoint? This Zero-Day Could Let Attackers In Microsoft has issued an urgent warning regarding a newly weaponized zero-day vulnerability, CVE-2025-53770, affecting on-premise SharePoint Server deployments. With a CVSS score of 9.8, this remote code execution (RCE) flaw is being actively exploited and poses a severe risk to unpatched environments. What’s the Threat? This unauthenticated… Read more »
03.25.25Getting a wastewater utility’s OT and IT departments on the same page to address vulnerabilities they didn’t know they had. Wastewater utilities are among some of the most targeted industries for cyber attacks, and the implications can be devastating as operational interruptions or shut-downs could directly affect public health. The Environmental Protection Agency (EPA) does… Read more »
01.03.25Opportunities and Challenges in AI-Driven Threat Detection. Authenticity matters in business and relationships, and the noticeable lack of authenticity in AI-generated communications can limit its practical application. Generative AI in cybersecurity is a perfect example of the dichotomy between automation and human intelligence – AI can provide all the best data, but you have to… Read more »
12.30.24Prevent supply chain attacks by securing third-party vendor access to your network and practicing routine patch management.
12.19.24Attackers Have Evolved – But Most Companies Have Not The greatest gift a cyber attacker gets during the holiday season is another year of largely unfettered access to company data. While we ring in 2025 with the renewed sense of promise a new year brings, threat actors are also celebrating – because while they’ve been… Read more »
