October 20, 2016 Added by:Dave Burton
If enterprises are serious about curtailing the cost of data breaches, it’s time to shift their focus to one of the chief culprits driving up the cost of breaches: dwell time.
July 21, 2016 Added by:Paul Shomo
I see wisdom behind the instinct to resist information authority. Human hierarchy tends to pyramid into increasingly fewer numbers up top. If you're going to fight for rights, there are more individuals at the bottom and more power to abuse from above.
May 09, 2016 Added by:Vanishree Rao
Thanks to digital preferences of millennials, increased digitization and cloudification will drive the demand for cloud security products and services.
April 26, 2016 Added by:Jim Legg
While prevention of the initial breach is an important layer of an enterprise security strategy, perimeter-based threat protection alone is not sufficient to protect against today’s increasingly sophisticated and targeted external security threats.
April 05, 2016 Added by:Steve Durbin
Most research on the insider threat focuses on malicious behavior. However, insider negligence and insider accidents comprise a greater and growing proportion of information security incidents. Chief Information Security Officers (CISOs) who limit their thinking to malicious insiders may be gravely miscalculating the risk.
April 04, 2016 Added by:Dan Lohrmann
While media attention has focused on global terrorist incidents and the presidential primaries, a growing number of business emergencies caused by ransomware are sweeping the world. The risk of this situation escalating into a significant public- or private-sector crisis is growing.
April 01, 2016 Added by:Paul Morville
This April Fool’s Day, let’s acknowledge that a security strategy focused exclusively on patching and prevention is a fool’s errand and let’s move towards an adaptive approach that includes prevention, detection, continuous visibility and response.
February 22, 2016 Added by:Larry Karisny
When I spoke on the need for cybersecurity innovation at the January ITEXPO conference in Fort Lauderdale, Fla., I sensed something interesting about my cybersecurity colleagues: They don't seem to care about innovation; they care about having a job in cybersecurity.
February 17, 2016 Added by:Dan Lohrmann
With the surging growth in cyberspace, new technologies, Wi-Fi, apps, robots, drones, terrorists with social media accounts, the Internet of Things (IoT) and nation-state hacking, online data security has become the Achilles’ heel of the Internet. A growing number of people want to know about new apps available for their smartphones and their data in the cloud – along with the upcoming securit...
February 10, 2016 Added by:Idan Aharoni
Inteller has identified a new Ransomware malware being offered for sale in the underground, dubbed "GinX", which encrypts important and sensitive files on the victim's computer and which targets not only Windows operating systems, but MacBook's OSX as well.
January 28, 2016 Added by:Steve Durbin
After reviewing the current threat landscape, there are five prevalent security threats that the Information Security Forum believes businesses need to prepare for in 2016. These include, but are not limited to, the unintended consequences of state intervention, Big Data, mobile applications and the Internet of Things (IoT), cybercrime and the growing skills gap in the information security industr...
December 21, 2015 Added by:Dan Lohrmann
Beyond cyber war and the good guys having the right tools to catch the bad guys, there can be a tendency to ignore “more mundane” acceptable use directives. That is, security staff can download copyrighted material (movies and games), view porn at work, look at information that is private (like promotions, raises or other data from management), “borrow” passwords or delete log files to cov...
December 07, 2015 Added by:Steve Durbin
As information risks and cyber security threats increase, organizations need to move away from reacting to incidents and toward predicting and preventing them. Developing a robust mechanism to assess and treat information risk throughout the organization is a business essential.
Hacker to Release Symantec's PCAnywhere Sour... Jerry Shaw on 10-05-2015
PoS Malware Kits Rose in Underground in 2014... on 03-17-2015
New PCI Compliance Study... on 03-17-2015