Tony Morbin

Executive News Editor, EU

Morbin is a veteran cybersecurity and tech journalist, editor, publisher and presenter working exclusively in cybersecurity for the past decade – at ISMG, SC Magazine and IT Sec Guru. He previously covered computing, finance, risk, electronic payments, telecoms, broadband and computing, including at the Financial Times. Morbin spent seven years as an editor in the Middle East and worked on ventures covering Hong Kong and Ukraine.

Achieving OT Security Maturity

Tony Morbin • May 9, 2023

OT security is being discussed in the board room as attackers adopt the use of AI and automation. Many organizations never fully implement the frameworks that define OT security maturity, and we need holistic solutions and platform approaches that address the operator's needs.

Handling Open-Source Content Licensing: Wrong Answers Only

Tony Morbin • April 26, 2023

When you create proprietary code, even using a component of open-source code within a subcomponent could cause your project to become open-source code.Jeanette Sherman of Mend Security discusses the need to identify open-source code and the license types being used.

Advanced Authentication: Trust Your Digital ID in Mainframe

Tony Morbin • March 24, 2023

Network boundaries have dissipated while changes in regulation and customer approaches to trust now require more advanced authentication and the ability to treat each authentication in relation to its specific risk level. Broadcom's Mary Ann Furno discusses these issues.

Organization-Wide Passwordless Orchestration

Tony Morbin • January 31, 2023

In this audiocast with Information Security Media Group, Joe Garber explains why a single authentication platform is the best way to gain a holistic view across information silos, enabling automation of key actions.

Why is DDoS still a problem, and what do we need to do about it?

Tony Morbin • December 16, 2022

After 20 years DDoS remains a problem due to the old protocols used by the internet, making DDOS protection and mitigation not just sensible to have but a fundamental element of cybersecurity.

Simplifying Implementation of a Zero Trust Architecture

Tony Morbin • November 16, 2022

The primary challenge with zero trust is keeping it simple, operationally efficient and easy to understand, with predictably positive outcomes. This is achieved across various systems, not with different solutions, policies and technologies in different areas, and it should involve minimal friction.

Risk-Based Alerting Helps SOCs Focus on What Really Matters

Tony Morbin • October 26, 2022

Detection tools can potentially overwhelm security operation center analysts with alerts, many of which are false positives, leading to ticket fatigue and missed attacks. Splunk's Jesse Trucks shares how the latest risk-based alerting technology helps SOCs focus on the threats that really matter.

What to Do Based on 2022: Expert Analysis of TPSRM Survey

Tony Morbin • September 21, 2022

From SolarWinds to Kaseya, Accellion, Log4j and Okta, third-party security breaches are among the most devastating for organizations affected. Tony Morbin of ISMG dives into the story behind the results of a global survey with Demi Ben-Ari, the co-founder, CTO and head of security at Panorays.

The Use of Cyber Power in Conflict

Tony Morbin • August 31, 2022

Cyberspace is a battlefield with no physical or geographic boundaries. During wartime, targets on land, sea, air and space are vulnerable to cyberthreats and opportunities, and nations face many uncertainties about when and how to respond to attacks, says BAE Systems' Miriam Howe.

A Holistic Approach to Developing a Combined Security and Compliance Program

Tony Morbin • July 18, 2022

Cybersecurity compliance is not the same as security. Recognizing this fact can lead many organizations to prioritize one over the other, thereby increasing critical risks. But by taking a planned approach to integrating the two, you can achieve a holistic solution that delivers both.

Constant Vigilance Demanded - Cyber 'Not Just Another Risk'

Tony Morbin • July 4, 2022

The Biden executive order on cybersecurity was a catalyst for action, with tight delivery times for steps including promotion of SBOMs and zero trust. The cyber-physical nexus and expanding threat surface mean it's not easy to maintain vigilance, but recognizing that is the first step.

Taking a Risk-Based Approach to Cybersecurity

Tony Morbin • May 17, 2022

Many experts advise organizations to pivot from a maturity-based approach to a risk-based approach to cybersecurity. Tia Hopkins, field CTO and chief cyber risk strategist at eSentire, discusses where the maturity-based approach falls short and how a risk-based approach can help organizations.

Cyberwarfare in the Russia-Ukraine War

Tony Morbin • April 28, 2022

As one of the architects of Israel's offensive Red Team intelligence unit and Incident Response Team, Reuven (Rubi) Aronashvili, CEO of Israeli cybersecurity company CYE, provides a highly informed view of current cyberwarfare in the Russia-Ukraine war, including how it differs from kinetic warfare.

Cybersecurity Executive Order: An Assessment

Tony Morbin • June 2, 2021

The most significant component of President Biden's recently released executive order on cybersecurity is its call for the creation of software life cycle security standards, says Adam Isles, former deputy chief of staff at the U.S. Department of Homeland Security, who offers a complete assessment.

Project 2030: Scenarios for the Future of Cybercrime

Tony Morbin • May 17, 2021

Dr. Victoria Baines, a visiting research fellow at Oxford University in the U.K., is acclaimed as one of the country’s most influential women in cybersecurity. In this video interview, she describes potential future cyberthreats as criminals adapt to the changing cybersecurity landscape.