Features – Help Net Security

In this Help Net Security interview, Liad Shnell, CISO and CTO at Rakuten Viber, discusses how messaging platforms have become critical infrastructure during crises and conflicts. He explains how it influences cybersecurity priorities, from encryption and abuse prevention to incident response and user protection. Shnell also outlines how Viber assesses and mitigates risks that blend technical threats with human behavior. Messaging platforms increasingly function as de facto critical infrastructure during crises and conflicts. How does … More → The post Rakuten Viber CISO/CTO on balancing encryption, abuse prevention, and platform resilience appeared first on Help Net Security.

Cybersecurity students show higher engagement when the work feels tangible. A new study from Airbus Cybersecurity and Dauphine University describes what happens when courses move beyond lectures and place students inside structured hacking scenarios, social engineering exercises, and competitive games. From theory fatigue to hands on pressure Cybersecurity courses often emphasize tools, frameworks, and technical controls. The study highlights that common incidents still involve human behavior. Phishing emails, weak password practices, policy shortcuts, and misplaced … More → The post Teaching cybersecurity by letting students break things appeared first on Help Net Security.

In this Help Net Security interview, Hans Quivooij, CISO at Damen Shipyards Group, discusses securing OT and ICS in the shipyard. He outlines how project-based operations, rotating contractors, and temporary systems expand the threat surface and complicate access control. Quivooij also covers visibility in legacy environments and the risks introduced by IT and OT integration. Shipyards blend long-lived industrial equipment with short-lived projects and contractors. How does that project-based operating model change the threat surface … More → The post Rethinking OT security for project heavy shipyards appeared first on Help Net Security.

Security teams often spend time sorting through logs and alerts that point to activity happening outside corporate networks. Torrent traffic shows up in investigations tied to policy violations, insider risk, and criminal activity. A new research paper looks at that same torrent activity through an open source intelligence lens and asks how much signal security teams can extract from data that is already public. Data pipeline design Turning torrent metadata into intelligence Torrent files contain … More → The post What security teams can learn from torrent metadata appeared first on Help Net Security.

Firewall rules often begin as a sentence in someone’s head. A team needs access to an application. A service needs to be blocked after hours. Translating those ideas into vendor specific firewall syntax usually involves detailed knowledge of zones, objects, ports, and rule order. New research from New York University examines a different starting point, one that treats natural language as the entry point for firewall configuration. The paper presents a prototype system that accepts … More → The post Turning plain language into firewall rules appeared first on Help Net Security.

Chirag Shah, Global Information Security Officer & DPO at Model N examines how cyber risk in pharma and life sciences is shifting beyond traditional breaches toward data misuse, AI-driven exposure and regulatory pressure. He explains why executives still underestimate silent control failures, how ransomware groups are weaponizing compliance risk, and why proof of security will increasingly require real-time governance, not audits, as cybersecurity and compliance continue to converge. By 2026, what category of cyber risk … More → The post Pharma’s most underestimated cyber risk isn’t a breach appeared first on Help Net Security.

Security teams spend much of their time tracking vulnerabilities, abuse patterns, and system failures. A new study argues that many AI risks sit deeper than technical flaws. Cultural assumptions, uneven development, and data gaps shape how AI systems behave, where they fail, and who absorbs the harm. The research was produced by a large international group of scholars from universities, ethics institutes, and policy bodies, including Ludwig Maximilian University of Munich, the Technical University of … More → The post AI security risks are also cultural and developmental appeared first on Help Net Security.

Phones, smart glasses, and other camera-equipped devices capture scenes that include people who never agreed to be recorded. A newly published study examines what it would take for bystanders to signal their privacy choices directly to nearby cameras. BLINDSPOT system overview A direct signal from bystanders to cameras To address this, researchers at the University of California, Irvine designed BLINDSPOT, an on-device privacy signaling system. It allows bystanders to communicate privacy preferences to camera-enabled devices … More → The post What if your face could say “don’t record me”? Researchers think it’s possible appeared first on Help Net Security.

In this Help Net Security interview, Chrisma Jackson, Director of Cybersecurity & Mission Computing Center and CISO at Sandia National Laboratories, reflects on where the cyber talent pipeline breaks down and what it takes to fix it. She discusses skill gaps, hiring and retention realities, and how cybersecurity careers are evolving beyond traditional paths. Where do you see the real bottleneck in the cyber talent pipeline? Is it skills, training models, compensation, or something deeper … More → The post Building cyber talent through competition, residency, and real-world immersion appeared first on Help Net Security.

Browser agents promise to handle online tasks without constant user input. They can shop, book reservations, and manage accounts by driving a web browser through an AI model. A new academic study warns that this convenience comes with privacy risks that security teams should not ignore. The report evaluates eight popular browser agents released or updated in 2025. These include ChatGPT Agent, Google Project Mariner, Amazon Nova Act, Perplexity Comet, Browserbase Director, Browser Use, Claude … More → The post Browser agents don’t always respect your privacy choices appeared first on Help Net Security.