Security news aggregator

Latest coverage for Strategy

Cybersecurity strategy guides how organizations prioritize risks, protect critical systems, and prepare for incidents, recovery, and resilience.

5 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Security strategy is the long-term direction an organization uses to manage information-security risk and support its business objectives. It sets priorities for protecting systems and data, assigns decision-making authority, defines acceptable risk, and guides investment in controls, skills, architecture, and suppliers. A sound strategy turns risk assessments and threat intelligence into measurable security outcomes rather than a disconnected list of tools.

For practitioners, strategy determines which assets and attack paths receive priority in vulnerability management, how privacy and regulatory obligations shape data handling, and what capabilities must exist for detection, containment, recovery, and testing. It should account for dependencies such as cloud services, software providers, identities, and legacy systems, while establishing review points as technology, threats, and business operations change. Effective governance links these choices to owners, budgets, metrics, and documented exceptions.

Showing 5 most recent headlines Filtered view

Multi-stage cyber attacks, characterized by their complex execution chains, are designed to avoid detection and trick victims into a false sense of security. Knowing how they operate is the first step to building a solid defense strategy against them. Let's examine real-world examples of some of the most common multi-stage attack scenarios that are active right now

New Sysdig CEO Bill Welch Aims to Expand Real-Time Response and GSI PartnershipsNew CEO Bill Welch discusses Sysdig's cloud security strategy, emphasizing AI, open-source leadership with Falco, and expansion plans to serve SMBs and midmarket businesses. He shares goals for real-time response and building a sustainable, profitable company.

Bank Info Security 1 year, 7 months ago

Victims Must Disclose Ransom Payments Under Australian Law

New Law Calls for Better Reporting, Securing Devices and Critical InfrastructureThe Australian government's proposed cybersecurity legislation passed both houses of the Parliament on Monday, formalizing the government's strategy to boost ransomware payment reporting, mandate basic cybersecurity standards for connected devices and enhance critical infrastructure security.

Bank Info Security 1 year, 7 months ago

Black Basta Ransomware Group Retools for Strategic Attacks

Social Engineering Moves Mirror Nation-State Groups' Tactics, Researchers SayThe Black Basta ransomware group has been refining its social engineering tactics to amass more victims despite escalating law enforcement disruptions, together with a shift to more "strategic, long-term planning" that security experts said suggests Russian state ties.