Features – Help Net Security

Features Archives – Help Net Security Daily information security news with a focus on enterprise security.

  • What happens when penetration testing goes virtual and gets an AI coach
    by Mirko Zorz on August 19, 2025 at 6:00 am

    Cybersecurity training often struggles to match the complexity of threats. A new approach combining digital twins and LLMs aims to close that gap. Researchers from the University of Bari Aldo Moro propose using Cyber Digital Twins (CDTs) and generative AI to create realistic, interactive environments for cybersecurity education. Their framework simulates IT, OT, and IoT systems in a controlled virtual space and layers AI-driven feedback on top. The goal is to improve penetration testing skills … More → The post What happens when penetration testing goes virtual and gets an AI coach appeared first on Help Net Security.

  • How security teams are putting AI to work right now
    by Mirko Zorz on August 18, 2025 at 6:00 am

    AI is moving from proof-of-concept into everyday security operations. In many SOCs, it is now used to cut down alert noise, guide analysts during investigations, and speed up incident response. What was once seen as experimental technology is starting to deliver results that CISOs can measure. Some of this has been in place for years. Machine learning already powers many threat detection engines and behavioral analytics tools. But the recent wave of GenAI has opened …

  • How military leadership prepares veterans for cybersecurity success
    by Mirko Zorz on August 15, 2025 at 6:30 am

    In this Help Net Security interview, Warren O’Driscoll, Head of Security Practice at NTT DATA UK and Ireland, discusses how military leadership training equips veterans with the mindset, resilience, and strategic thinking needed to excel in cybersecurity. Drawing on habits such as disciplined preparation, blunt honesty, and adaptive decision-making, veterans bring a blend of defensive and offensive planning skills to high-stakes cyber operations. Their leadership experience fosters trust, cohesion, and problem-solving, qualities that can transform …

  • Open-source flow monitoring with SENSOR: Benefits and trade-offs
    by Mirko Zorz on August 14, 2025 at 5:30 am

    Flow monitoring tools are useful for tracking traffic patterns, planning capacity, and spotting threats. But many off-the-shelf solutions come with steep licensing costs and hardware demands, especially if you want to process every packet. A research team at the University of Tübingen has built an alternative: an open-source, cost-effective, and distributed platform for collecting unsampled IPFIX data. Their system, called SENSOR, uses open-source software and vendor-agnostic components to monitor traffic at multiple points in the …

  • AWS CISO explains how cloud-native security scales with your business
    by Mirko Zorz on August 13, 2025 at 6:00 am

    In this Help Net Security interview, Amy Herzog, CISO at AWS, discusses how cloud-native security enables scalable, flexible protection that aligns with how teams build in the cloud. She explains the Shared Responsibility Model and the tools and processes that scale security. Herzog also explains how AI helps automate threat detection and vulnerability management. What does “cloud-native security” mean? Cloud-native security refers to both security controls that work the same way the cloud does and …

  • APT groups are getting personal, and CISOs should be concerned
    by Mirko Zorz on August 12, 2025 at 6:00 am

    Instead of focusing only on corporate systems, some APT groups are now going after executives in their personal lives. Home networks, private devices, and even family members have become targets. This approach works because executives often work remotely, store files in cloud accounts, and stay active online. These behaviors open doors for attackers, especially when personal networks are not monitored or protected at the same level as corporate infrastructure. APT groups may begin with basic …

  • From legacy to SaaS: Why complexity is the enemy of enterprise security
    by Mirko Zorz on August 11, 2025 at 5:30 am

    In this Help Net Security interview, Robert Buljevic, Technology Consultant at Bridge IT, discusses how the coexistence of legacy systems and SaaS applications is changing the way organizations approach security. He explains why finding the right balance between old and new technology is essential for maintaining protection. As more companies move from traditional on-prem setups to SaaS, how is that changing the way they approach security? Are most organizations handling that shift well, or are …

  • Beyond PQC: Building adaptive security programs for the unknown
    by Mirko Zorz on August 7, 2025 at 5:30 am

    In this Help Net Security interview, Jordan Avnaim, CISO at Entrust, discusses how to communicate the quantum computing threat to executive teams using a risk-based approach. He explains why post-quantum cryptography (PQC) is an urgent and long-term priority. Avnaim also outlines practical steps CISOs can take to build crypto agility and maintain digital trust. From your perspective as a CISO, how do you frame the quantum computing threat to executives and the board? Complexity can …

  • Security tooling pitfalls for small teams: Cost, complexity, and low ROI
    by Mirko Zorz on August 5, 2025 at 6:30 am

    In this Help Net Security interview, Aayush Choudhury, CEO at Scrut Automation, discusses why many security tools built for large enterprises don’t work well for leaner, cloud-native teams. He explains how simplicity, integration, and automation are key for SMBs with limited resources. Choudhury also shares how AI is beginning to make a difference for mid-market companies in managing risk and compliance. What are some specific examples of security tooling or vendor approaches that simply don’t …

  • AIBOMs are the new SBOMs: The missing link in AI risk management
    by Mirko Zorz on August 4, 2025 at 6:00 am

    In this Help Net Security interview, Marc Frankel, CEO at Manifest Cyber, discusses how overlooked AI-specific risks, like poisoned training data and shadow AI, can lead to security issues that conventional tools fail to detect. He explains how AI Bills of Materials (AIBOMs) extend SBOMs to provide transparency into datasets, model weights, and third-party integrations, improving governance and incident response. Frankel also outlines the steps organizations must take to achieve executive-grade visibility and maintain AI …
