4 min
CISOs
How CISOs��� Roles – and Security Operations – Will Change in 2024
It’s fair to say that 2023 was a turning point for the cybersecurity industry,
and no one felt it more than the CISO. From the onslaught of ransomware and
zero-day attacks,
[https://www.rapid7.com/blog/post/2024/01/12/2023-ransomware-stats-a-look-back-to-plan-ahead/]
to the SEC’s new reporting rules
[https://www.rapid7.com/globalassets/_pdfs/policy/sec-cybersecurity-compliance-solution-brief.pdf]
, and added to technological innovation and sprawl, CISOs have never been under
more pressure to ge
2 min
Security Operations
Showcasing SecOps Metrics That Matter
Our latest ebook, Presenting Upward: How to Showcase SecOps Metrics That Matter offers practical and actionable advice on how to present security metrics in a language execs understand.
4 min
Vendor Consolidation
Four Signs You Need to Consolidate Your Tech Stack
Learn how consolidation can improve productivity, visibility, and reporting as well as bridge staff resourcing gaps.
2 min
Security Operations (SOC)
Cybersecurity Analysts: Job Stress Is Bad, but Boredom Is Kryptonite
Repetitive tasks are a big part of a cybersecurity analyst’s day. But combining monotony with the need for attentiveness can be kryptonite.
5 min
Cloud Security
What It Takes to Securely Scale Cloud Environments at Tech Companies Today
Here are three ways to help empower your teams to take advantage of the many benefits of public cloud infrastructure without sacrificing security.
5 min
Security Operations
Metrics That Matter and Curtailing the Cobra Effect
Creating metrics in cybersecurity is hard enough, but creating metrics that matter is a harder challenge still.
6 min
Security Operations
A First-Year CISO Shares Her Point of View
On Thursday, November 17, Katie Ledoux, CISO at Attentive, joined Rapid7's Bob Rudis to dive into how she's approaching 2022 planning.
4 min
Security Operations
2022 Planning: Prioritizing Defense and Mitigation Through Left of Boom
In this post, we'll use ransomware as an example for 3 areas where you can apply a left-of-boom approach in your defenses in the coming year.
4 min
Cybersecurity
2022 Planning: The Path to Effective Cybersecurity Maturity
Achieving cybersecurity maturity isn't something you can do overnight — it requires a significant amount of planning, prioritizing, and coordinating across the business.
3 min
Cloud Security
The Future is Friction-Free: Drive Innovation With DevOps + SecOps
How can DevOps and IT teams work and innovate in a friction-reduced or—we can all dream—a friction-free way?
4 min
Application Security
Shifting Security Right: How Cloud-Based SecOps Can Speed Processes While Maintaining Integrity
Let’s take a look at some key insights on current industry efforts to more closely integrate DevOps and SecOps—and how you can plot your best path forward.
3 min
Vulnerability Management
Defining Vulnerability Risk Management (and How to Build a Modern VRM Program)
Once upon a time (just a handful of years ago), vulnerability management
programs
[https://www.rapid7.com/fundamentals/vulnerability-management-program-framework/]
focused solely on servers, running quarterly scans that targeted only critical
systems.
But that was then, and you can’t afford such a limited view in the now. Truth
is, vulnerability exploitation now happens indiscriminately across the modern
attack surface—from local and remote endpoints to on-prem and cloud
infrastructure to we
3 min
Security Operations
Confessions of a Former CISO: Shaming People for Bad Security
In this edition of Confessions of a Former CISO, Scott King shares some hard lessons he's learned about shaming others for their security.
5 min
Confessions of a Former CISO: Promoting Individual Contributors into Leadership Roles
We are excited to announce the release of “Confessions of a Former CISO,” a video series that highlights some of the mistakes, challenges, and successes in the InfoSec industry.
5 min
Security Operations
How to Define Business Value for Security Programs
Today, we're evaluating the categorization of Detection and Response program outcomes and Attack Surface Management outcomes uncovered by Rapid7's UX team.