April 05, 2016 Added by:Steve Durbin
Most research on the insider threat focuses on malicious behavior. However, insider negligence and insider accidents comprise a greater and growing proportion of information security incidents. Chief Information Security Officers (CISOs) who limit their thinking to malicious insiders may be gravely miscalculating the risk.
March 14, 2016 Added by:Mark Parker
Unfortunately, while the popularity of March Madness (the NCAA Basketball Tournament) has grown exponentially, nearly every facet of any employee’s involvement with the event could open up the employee, as well as the organization, to a number of cyber risks.
February 17, 2016 Added by:Dan Lohrmann
With the surging growth in cyberspace, new technologies, Wi-Fi, apps, robots, drones, terrorists with social media accounts, the Internet of Things (IoT) and nation-state hacking, online data security has become the Achilles’ heel of the Internet. A growing number of people want to know about new apps available for their smartphones and their data in the cloud – along with the upcoming securit...
December 21, 2015 Added by:Dan Lohrmann
Beyond cyber war and the good guys having the right tools to catch the bad guys, there can be a tendency to ignore “more mundane” acceptable use directives. That is, security staff can download copyrighted material (movies and games), view porn at work, look at information that is private (like promotions, raises or other data from management), “borrow” passwords or delete log files to cov...
December 08, 2015 Added by:Kirsten Bay
Where is a cyber security professional to begin when the stakes are set against the corporation? The key is better preparation. Below are five steps that will provide an approach to help build a strategy that offers the potential to outsmart the attacker.
December 07, 2015 Added by:Steve Durbin
As information risks and cyber security threats increase, organizations need to move away from reacting to incidents and toward predicting and preventing them. Developing a robust mechanism to assess and treat information risk throughout the organization is a business essential.
December 03, 2015 Added by:Darren McCue
Time and again we see companies neglecting to protect themselves at the most basic, key levels – on both the physical and digital sides – leaving dangerous gaps in coverage to be exploited farther down the complexity chain.
December 01, 2015 Added by:Steve Durbin
Organizations worldwide continue to struggle to attract and retain skilled information and cybersecurity professionals. Overcoming this challenge requires a more imaginative, business and people-centric approach to the recruitment of security professionals.
November 12, 2015 Added by:Emil Eifrem
Good access management requires a comprehensive and intelligent system in place for quick and accurate identification of an individual’s right to view certain information. This means a more granular and flexible approach to control is needed. This is where graph databases can help.
September 23, 2015 Added by:Ilia Kolochenko
The first issue with the majority of CTFs is that they focus on single result (flag), rather than a process of comprehensive consecutive security testing.
August 04, 2015 Added by:Steve Durbin
Organizations are struggling to cope with the quantum speed and sophistication of global cyber-attacks being carried out by organized cyber-criminal syndicates. Moving forward, businesses need to prepare to be targeted at any time, and any place, by multiple assailants. Organizations that wish to keep pace with these developments, and remain financially viable, need to take action now, or face the...
July 06, 2015 Added by:Steve Durbin
Part III in this series looks at the need to institute a cloud assessment process and the four actions that organizations of all sizes can take to better prepare themselves as they place their sensitive data in the cloud.
June 25, 2015 Added by:Eduard Kovacs
Based on data from its “telephony honeypot,” anti-fraud company Pindrop Security has determined that the number of scam calls aimed at enterprises has increased by 30 percent since 2013.
June 25, 2015 Added by:Anton Chuvakin
As a security technologist you may be asked to do the impossible.
Hacker to Release Symantec's PCAnywhere Sour... Jerry Shaw on 10-05-2015
PoS Malware Kits Rose in Underground in 2014... on 03-17-2015
New PCI Compliance Study... on 03-17-2015