Features Archives – Help Net Security Daily information security news with a focus on enterprise security.
- Reading between the lines of a cyber insurance policyby Mirko Zorz on July 16, 2026 at 6:00 am
Enterprises in regulated industries often carry cyber insurance policies because contracts require it or boards ask for documented risk transfer. The global market for these policies reached about $16 billion in premiums in 2024. Coverage has become widespread. Payouts have grown less predictable. The gap between exposure and coverage The Global Federation of Insurance Associations, which represents insurers accounting for close to 90 percent of premiums worldwide, quantified the cyber protection gap at about $900 … More → The post Reading between the lines of a cyber insurance policy appeared first on Help Net Security.
- Orbia CISO Miranda Ritchie on building security into sustainable infrastructureby Mirko Zorz on July 8, 2026 at 6:00 am
In this interview with Help Net Security, Miranda Ritchie, CISO at Orbia, talks about protecting industrial systems where software runs water, chemical and manufacturing processes. She explains why a cyber incident in these settings can harm people, equipment and the environment, and how spread-out sites and aging control hardware widen the risk. Ritchie describes tying security to safety culture, embedding cyber teams early in new projects, and treating nothing as trusted just because it sits … More → The post Orbia CISO Miranda Ritchie on building security into sustainable infrastructure appeared first on Help Net Security.
- OpenAI and Anthropic are pulling in different directionsby Mirko Zorz on July 8, 2026 at 4:00 am
Companies are handing routine operational decisions to AI agents that plan, remember, and act on their behalf. These agents run on statistical models, and their behavior can drift across weeks and months. That drift opens a security gap outside the reach of standard monitoring tools. A study of about 1,080 open job postings at OpenAI and Anthropic maps where the two largest AI labs are taking this technology. Each role reflects a budget decision, so … More → The post OpenAI and Anthropic are pulling in different directions appeared first on Help Net Security.
- Researchers make the case for a cybersecurity AI scientistby Mirko Zorz on July 7, 2026 at 6:30 am
Autonomous AI agents have started doing real security work. Language-model agents probe software for flaws, run penetration tests, and chain together attack steps that once needed a human operator. Research about security has stayed slower and more manual, built around expert scarcity and hand-designed experiments. A team at the Chinese Academy of Sciences wants to close that gap. In a recent paper, they define what they term the Cybersecurity AI Scientist. They describe a research … More → The post Researchers make the case for a cybersecurity AI scientist appeared first on Help Net Security.
- Securing the inbox: Where identity, brand and security meetby Mirko Zorz on July 6, 2026 at 6:00 am
Getting a verified logo to appear next to your email has traditionally meant having to work with two separate entities. You have to work with a DMARC partner for setting up DMARC and BIMI, then use a trusted Certificate Authority (CA) to purchase a Mark Certificate, and this means having to source a trusted partner for both which delays the project unnecessarily. Red Sift and GlobalSign have now folded both halves into a single package. … More → The post Securing the inbox: Where identity, brand and security meet appeared first on Help Net Security.
- The endpoint recovery gap many teams discover during an incidentby Mirko Zorz on July 2, 2026 at 6:00 am
In this interview with Help Net Security, IGEL CTO Matthias Haas explains why backups alone do not equal recovery. He makes the case that endpoint recovery is often overlooked, leaving organizations exposed when thousands of devices go down at once. Haas walks through what a well-planned recovery looks like, where the bottlenecks appear, and why restoring trusted user access matters more than counting blocked threats. He also shares how security leaders can convince a CFO … More → The post The endpoint recovery gap many teams discover during an incident appeared first on Help Net Security.
- AirDrop and Quick Share vulnerabilities affect protocols on five billion devices as fixes beginby Mirko Zorz on June 30, 2026 at 6:15 am
Phones and laptops ship with a feature that sends files to nearby devices over the air, with no cables, accounts, or prior pairing. Apple calls its version AirDrop. Google and Samsung call theirs Quick Share. Both run inside privileged background services that wake when another device comes within wireless range, and both read a stack of serialized data formats sent by devices they have never met. More than five billion active devices run one of … More → The post AirDrop and Quick Share vulnerabilities affect protocols on five billion devices as fixes begin appeared first on Help Net Security.
- The uptime questions every engineering leader should ask this weekby Mirko Zorz on June 25, 2026 at 6:30 am
In this interview with Help Net Security, Mattias Geniar, CTO at Oh Dear, explains why most outages start quietly, as creeping latency or a slow rise in errors. He argues teams alert on the wrong things: absolute numbers instead of changes, isolated endpoints instead of real user outcomes. He covers alert fatigue, the DNS and certificate failures buried deep in the stack, the risk of leaning on one provider, and the mistakes tired engineers make … More → The post The uptime questions every engineering leader should ask this week appeared first on Help Net Security.
- Where IT meets OT and railway cybersecurity gets harderby Mirko Zorz on June 24, 2026 at 6:00 am
In this interview with Help Net Security, Jorge Aldegunde, Global Head of Railway Services at DNV, talks through what happens when old operational technology meets newer IT in monorail systems. He explains why open networks widened the attack surface, how teams decide whether to patch a signalling flaw without stopping trains, and who carries the liability. Aldegunde covers regulation like CRA and NIS2, training veteran engineers to think about threat actors, and spotting intruders who … More → The post Where IT meets OT and railway cybersecurity gets harder appeared first on Help Net Security.
- A $1,400 experiment in AI security auditing outperformed OpenAI’s Codex Securityby Mirko Zorz on June 23, 2026 at 5:30 am
A research team has built a system that teaches AI agents to hunt for software bugs by writing the audit method down as plain text. The system, called EVOHUNT, keeps the underlying AI model fixed and improves only an external “playbook” that tells the agent how to work. One result stands out for anyone buying security tools. An open-source model running an evolved playbook found real vulnerabilities at a higher rate than OpenAI’s commercial Codex … More → The post A $1,400 experiment in AI security auditing outperformed OpenAI’s Codex Security appeared first on Help Net Security.






