Information Security

The SecurityInfoWatch.com Information Security product category is a collection of news, product listings and other resources for security professionals researching Information Security solutions. It covers a wide variety of network security hardware and software products.

More AI tools have been democratized, lowering barriers to entry for today’s threat actors. Phishing scams and social engineering have become increasingly sophisticated, putting more organizations at risk of unauthorized system access.

Security Executives

Observability’s Role in Creating Resilient Cyberinfrastructures

June 9, 2025

Proper observability encompasses best practices such as multi-factor authentication, encryption, and employee training to mitigate phishing emails.

A staggering 74% of cloud breaches are caused by insecure code, making robust security practices imperative. The adoption and acceleration of AI-generated code have further amplified security risks, necessitating a proactive approach to application security to prevent these risks from becoming threats.

Cloud Security Solutions

Stop Wasting Your AppSec Budget: Why a Platform Approach is Key to Maximizing ROI

May 30, 2025

Despite being 25 years old, Active Directory (AD) remains a cornerstone of identity management in most enterprise environments, thanks to its deep integration and long-standing reliability.

A quarter century of control: The enduring power of Active Directory

May 21, 2025

Given the complexity and distributed nature of file data, it’s no surprise that it represents one of the largest surfaces for potential ransomware damage.

Tier your unstructured data to lower storage costs and cyber risk

May 13, 2025

Information Security

sos_technologies_authorization_logo

Cloud Security Solutions

SmartSOS Becomes First GovRAMP-Authorized Threat Management Platform

May 2, 2025

The explosion of digital data has transformed the way businesses operate. Technologies like AI-driven automation, IoT, and cloud computing have generated vast amounts of data, making data protection more complex than ever.

The key to achieving cyber resilience in data protection

April 30, 2025

In February, the current administration cut 130 positions at the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) to reduce government spending.

Cybersecurity priorities for the Trump Administration in flux

Matthew Lloyd Davies

April 29, 2025

grid_attack_in_spain

Critical Infrastructure

Blackout or breach? Spain and Portugal’s grid collapse fuels cyberattack fears

April 29, 2025

Categories

Alarm Systems & Intrusion Detection

Artificial Intelligence

Associations, Research & Training Organizations

Camera Accessories

Central Station Alarm Monitoring

Dealers, Integrators & Installing Companies

Emergency Safety Equipment

Fire & Life Safety

Home Alarm Systems

Hosted/Managed Video Surveillance

Identification Solutions

Information Security

Anti-Virus and Malware Defense

Breach Detection

Cloud Security Solutions

Computer and Network Security Hardware

Computer and Network Security Software

Document and Data Controls & Destruction

Encryption Solutions

Managed Network Security

Infrared Illuminators

Installation Tools & Equipment

Integrated Security Management Systems & PSIM

Intercom Solutions

License Plate Detection

Loss Prevention Solutions

Monitors & Video Walls

Networking Equipment and Cabling

Physical Hardening

Power Systems & Supplies

Protective Operations & Guard Services

Safes, Seals and Security Containers

Security Industry Services

Security Lighting

Threat Detection, Imaging & Inspection

Video Analytics

Video Intercoms

Video Management Software/VMS

Video Surveillance Storage

Video Transmission Equipment

Wellness/Elderly Monitoring

Wireless Video Solutions

The cybersecurity ecosystem circulates enough fear, uncertainty, and doubt that it can feel like there’s no light at the end of the tunnel.

Potion or poison? How AI is reshaping the cybersecurity battlefield

April 23, 2025

The double-edged sword that could save—or sabotage—enterprise security

Exploitation of known vulnerabilities is on the rise, with the 2025 Verizon DBIR revealing a 34% increase in this tactic as an initial breach vector — now responsible for one in five data breaches.

Verizon’s 2025 DBIR Reveals Vulnerability Exploits Are Driving a Surge in Data Breaches

April 23, 2025

The latest Data Breach Investigations Report from Verizon highlights a 34% increase in the use of vulnerability exploitation as a breach entry point, underscoring the urgent need...

Kiteworks and Wasabi partner to deliver integrated cloud storage and secure file transfer

Cloud Security Solutions

Kiteworks and Wasabi partner to deliver integrated cloud storage and secure file transfer

April 23, 2025

The integration with Wasabi hot cloud storage delivers cost-effective cloud storage with enterprise-grade security and compliance.

Johan Paulsson, CTO, Axis Communications

Cloud Security Solutions

Axis Communications wins 2025 BIG Innovation Award for Axis Cloud Connect

Axis Communications

April 21, 2025

The 2025 BIG Innovation Awards honor organizations and individuals pushing boundaries and advancing their industries.

The Change Healthcare cyberattack made a lasting impact on the healthcare industry and security professionals worldwide. Over a year later, it is still pointed to as an example of a breach that can have devastating consequences, but the lessons security leaders can take away will help them be better prepared for the future.

The Change Healthcare cyberattack still resonates more than a year later

April 16, 2025

Lessons for cybersecurity leaders include that security solutions and protocols must evolve as cyberattacks continue to evolve.

While AI has strengthened cybersecurity defenses, cybercriminals have also weaponized it to enhance the sophistication and effectiveness of ransomware attacks.

AI-driven sophisticated cyber-attacks: techniques, detection and defense

April 10, 2025

As artificial intelligence reshapes the cyber threat landscape, organizations must rethink their defense strategies to counter ransomware attacks that are faster, smarter, and...

What 23andMe underscores isn’t limited to one company or one industry. It reminds us that a business's durability is measured not just in capital but also in how responsibly it handles its data.

Information Security

The 23andMe fallout shows why privacy can’t be an afterthought

April 9, 2025

The 23andMe collapse reveals deep flaws in how companies treat personal data—not as a sacred trust, but as a disposable asset.

In the interconnected world of IoT, robust cybersecurity measures are essential to protect data integrity and privacy.

IoT security challenges in today’s hyper-connected world

Rodrigo Ferreira

April 8, 2025

The rapid adoption of IoT devices has significantly expanded the attack surface for cyber threats, necessitating robust security measures to protect data integrity, privacy and...

Traditional EDR is evolving, and the next phase of endpoint security is here: Preemptive Endpoint Protection (PEP). Unlike its predecessor, PEP doesn’t just detect and respond to attacks; it actively prevents them.

Traditional EDR can't keep up with modern cyber threats

March 31, 2025

Why reactive cybersecurity falls short and what you can do about it.

Rather than relying on a rigid set of prescriptive controls, the standard enables organizations to tailor their security measures to their specific risk environments. Key changes include expanded multi-factor authentication requirements, increased emphasis on continuous risk assessment, and better integration of security into business-as-usual activities.

From compliance to cyber resilience: Aligning with PCI DSS 4.0 and DORA

March 31, 2025

PCI DSS 4.0, finalized in March 2022, goes into full effect on March 31, 2025, and introduces a more flexible, outcome-based approach to securing payment data.

Understanding why social engineering works so effectively requires insight into the psychology behind it.

Why human vulnerability is cybersecurity's most significant and costliest weakness

March 18, 2025

Understanding how social engineering can cripple an organization is a critical driver for implementing solid policy and security frameworks.

As third-party breaches continue to rise, organizations must recognize that their security is only as strong as the weakest link in their vendor ecosystem.

Third-Party Data Breaches: Hidden Threat Lurking in Vendor Networks

March 18, 2025

The Black Kite 2024 Third-Party Breach Report reveals significant cybersecurity vulnerabilities in vendor supply chains, with 92 vendors linked to breaches affecting 227 companies...

The healthcare sector faces unique cybersecurity challenges due to the sensitive nature of the data it handles and the critical services it provides. By understanding the various vulnerabilities and implementing robust security measures, healthcare organizations can better protect themselves against cyber threats.

Information Security

Cybersecurity Vulnerabilities in Healthcare: A Growing Concern

Antoinette King, PSP, DPPS, SICC, CMMC-RP

March 13, 2025

Understanding vulnerabilities and implementing strong security measures help healthcare organizations defend against cyber threats.

Ransomware groups now specifically target healthcare providers, knowing that the immediate need to restore patient care services increases the likelihood of ransom payments.

HIPAA’s New Data Security Chapter: Transforming Healthcare Security in 2025

March 13, 2025

Effective implementation hinges on transparent communication with staff, patients, and business partners about new security measures and their impact on workflow.

Today, IoT devices, including physical security products, often operate in diverse and remote environments, with fleets typically ranging from thousands to tens of thousands of devices.

Physical Hardening

Why Physical Security Products Need Over-the-Air (OTA) Updates Under the EU CRA

Eystein Stenberg

March 13, 2025

Legacy methods of updating physical security devices, like manual intervention or USB-based updates, are outdated and impractical in today’s interconnected landscape.