April 26, 2016 Added by:Jim Legg
While prevention of the initial breach is an important layer of an enterprise security strategy, perimeter-based threat protection alone is not sufficient to protect against today’s increasingly sophisticated and targeted external security threats.
April 05, 2016 Added by:Steve Durbin
Most research on the insider threat focuses on malicious behavior. However, insider negligence and insider accidents comprise a greater and growing proportion of information security incidents. Chief Information Security Officers (CISOs) who limit their thinking to malicious insiders may be gravely miscalculating the risk.
April 04, 2016 Added by:Dan Lohrmann
While media attention has focused on global terrorist incidents and the presidential primaries, a growing number of business emergencies caused by ransomware are sweeping the world. The risk of this situation escalating into a significant public- or private-sector crisis is growing.
April 01, 2016 Added by:Paul Morville
This April Fool’s Day, let’s acknowledge that a security strategy focused exclusively on patching and prevention is a fool’s errand and let’s move towards an adaptive approach that includes prevention, detection, continuous visibility and response.
February 22, 2016 Added by:Larry Karisny
When I spoke on the need for cybersecurity innovation at the January ITEXPO conference in Fort Lauderdale, Fla., I sensed something interesting about my cybersecurity colleagues: They don't seem to care about innovation; they care about having a job in cybersecurity.
February 17, 2016 Added by:Dan Lohrmann
With the surging growth in cyberspace, new technologies, Wi-Fi, apps, robots, drones, terrorists with social media accounts, the Internet of Things (IoT) and nation-state hacking, online data security has become the Achilles’ heel of the Internet. A growing number of people want to know about new apps available for their smartphones and their data in the cloud – along with the upcoming securit...
February 10, 2016 Added by:Idan Aharoni
Inteller has identified a new Ransomware malware being offered for sale in the underground, dubbed "GinX", which encrypts important and sensitive files on the victim's computer and which targets not only Windows operating systems, but MacBook's OSX as well.
January 28, 2016 Added by:Steve Durbin
After reviewing the current threat landscape, there are five prevalent security threats that the Information Security Forum believes businesses need to prepare for in 2016. These include, but are not limited to, the unintended consequences of state intervention, Big Data, mobile applications and the Internet of Things (IoT), cybercrime and the growing skills gap in the information security industr...
December 21, 2015 Added by:Dan Lohrmann
Beyond cyber war and the good guys having the right tools to catch the bad guys, there can be a tendency to ignore “more mundane” acceptable use directives. That is, security staff can download copyrighted material (movies and games), view porn at work, look at information that is private (like promotions, raises or other data from management), “borrow” passwords or delete log files to cov...
December 07, 2015 Added by:Steve Durbin
As information risks and cyber security threats increase, organizations need to move away from reacting to incidents and toward predicting and preventing them. Developing a robust mechanism to assess and treat information risk throughout the organization is a business essential.
December 01, 2015 Added by:Steve Durbin
Organizations worldwide continue to struggle to attract and retain skilled information and cybersecurity professionals. Overcoming this challenge requires a more imaginative, business and people-centric approach to the recruitment of security professionals.
October 06, 2015 Added by:Dan Lohrmann
Recent data breaches, and the international emphasis on critical infrastructure protection, are helping raise awareness of the importance of technology infrastructure improvements. Many organizations are currently building “next-generation” networks with new projects that are well funded. Don’t waste any opportunity to reinvent your network or infrastructure when you get the chance.
August 04, 2015 Added by:Geoff Sanders
Historical forms of authentication were never meant for the networked landscape we live in today. The ﬁrst passwords were adequate authentication solutions only because the systems they secured were isolated. Unfortunately, the isolated systems that pervaded the early days of the computer revolution has set the foundation for authentication in the Internet Age.
Hacker to Release Symantec's PCAnywhere Sour... Jerry Shaw on 10-05-2015
PoS Malware Kits Rose in Underground in 2014... on 03-17-2015
New PCI Compliance Study... on 03-17-2015