Security Training
Trust-Based Security Models Ineffective: Researchers
June 04, 2015 Added by:Eduard Kovacs
The trust-based foundations of whitelisting make it more difficult for organizations to properly protect their networks against cyber threats, Kaspersky Lab researchers have warned.
Comments (0)
Concerns over Brand Security are Escalating
June 03, 2015 Added by:Peter Zavlaris
The unprecedented technological advancement seen over the last two decades has become a double-edged sword. As a result, information security has gone from being a tertiary IT function to a significant operational risk.
Comments (0)
Two's (Or More) Company: How to Use Two-Factor Authentication the Right Way
June 03, 2015 Added by:Patrick Oliver Graf
These days, you need a password to access every aspect of your digital life, and we all know how problematic that can be.
Comments (0)
Zero-Day Export Regulation Proposal Released for Public Comment
June 01, 2015 Added by:Anthony M. Freed
The U.S. Department of Commerce’s Bureau of Industry and Security (BIS) has released the proposal for regulatory control of the export of malware and zero-day exploits for a sixty-day public comment period, and the reaction from the security community and other interested parties is already definitively negative.
Comments (0)
Take Control of the Unsupervised BYOD Party
May 28, 2015 Added by:Michael Kienzle
Is your company’s BYOD (Bring Your Own Device) policy leaving your IT team feeling a bit uneasy? If so, perhaps it’s time for a CYOD or Choose Your Own Device policy.
Comments (0)
New Global Initiative Aims at Securing Smart Cities
May 28, 2015 Added by:Eduard Kovacs
Security researchers, companies and organizations have joined forces in a new non-profit global initiative whose goal is to secure smart cities.
Comments (0)
Threat Intelligence Sharing Valued, But Many Not Doing it: Survey
May 27, 2015 Added by:Brian Prince
Enterprises may largely agree that threat intelligence is important, but few are doing any actual sharing themselves, according to a new survey.
Comments (0)
Sign of the Times: Verizon Breach Report Tracks New Category
May 27, 2015 Added by:Peter Zavlaris
This year’s Verizon Data Breach Investigations Report (VDBIR) added a new category to its VERIS (Vocabulary for Event Recording and Incident Sharing) to track attacks with “secondary” motives.
Comments (0)
Why Outsourcing Remote Access Management Isn't The Answer For SMBs
May 27, 2015 Added by:Patrick Oliver Graf
So, should network administrators consider tapping into MSPs for network security in our current environment? The core issue is a common one in network security – convenience vs. security.
Comments (0)
Threat Intelligence: Knowledge is Power
May 26, 2015 Added by:Lisa Huff
Organizations have made massive investment in a variety of security solutions over the years. It is important to understand what investments that have made in security technologies in order to understand the success and possible challenges that they face.
Comments (0)
SSL and TLS Update
May 26, 2015 Added by:PCI Guru
The answer to SSL and TLS vulnerabilities are to remediate as soon as possible. If you are unable to remediate, then you need to mitigate the risk until you can remediate.
Comments (0)
Cloud Security Monitoring … Revisited (aka It Is Not 2012 Anymore!)
May 26, 2015 Added by:Anton Chuvakin
My next project, now that I am done with security analytics for now, is to revisit our cloud security monitoring work.
Comments (0)
Microsoft and the Software Lifecycle
May 25, 2015 Added by:Tripwire Inc
For some reason, Europe’s ‘The Final Countdown’ was playing in my head as I sat and pondered this write-up. I suppose that’s fitting given that we are about to cross the 60-day mark until Windows Server 2003 goes End-of-Life.
Comments (0)
Should MAD Make its Way Into the National Cyber-Security Strategy?
May 25, 2015 Added by:Brent Huston
Arguably, Mutually Assured Destruction (MAD) has kept us safe from nuclear holocaust for more than half a century. Although we have been on the brink of nuclear war more than once and the Doomsday clock currently has us at three minutes ‘til midnight, nobody ever seems ready to actually push the button – and there have been some shaky fingers indeed on those buttons!
Comments (0)
Will Your Contractors Take Down Your Business?
May 25, 2015 Added by:Rebecca Herold
Do you know how well your vendors, business associates, contracted third parties (who I will collectively call “contractors”) are protecting the information with which you’ve entrusted them to perform some sort of business activity? You need to know.
Comments (0)
Microsoft Patching: Don’t Forget to Read the Fine Print
May 21, 2015 Added by:Tripwire Inc
During my career, I have built and managed hundreds of production-level client and server systems, and nothing can be more worrisome than when it comes time to apply patches and upgrades to software. Why? Because things can, and often times, do go wrong during patch and upgrade cycles.
Comments (0)
- #NCSAM: Third-Party Risk Management is Everyone’s Business
- Oracle CPU Preview: What to Expect in the October 2017 Critical Patch Update
- Surviving Fileless Malware: What You Need to Know about Understanding Threat Diversification
- Why Cloud Security Is a Shared Responsibility
- Put Your S3 Buckets to the Test to Ensure Cloud Fitness
- Is Your “Father’s IAM” Putting You at Risk?
- SAP Cyber Threat Intelligence Report – October 2017
- Cyber Security in the Workplace Is Everyone’s Obligation
- Hey Alexa – Show Me Whitelisted Malware
- Hackers Disrupt Etherparty’s FUEL Token ICO