Through a technique known as "retrospection," organizations can replay attacks, going back to scan their networks for malware identified after their networks were infected, says Ramon Peypoch of Protectwise.
Every year, information security professionals flock to San Francisco for the annual RSA Conference. From the debut of "Trumpcryption" to cybersecurity's "greatest hits" set to hip-hop violin, here are some of the 2017 event's highlights.
At the request of German authorities, British police have arrested a suspected hacker involved in last year's disruption of 1 million Deutsche Telekom customers' routers via Mirai malware, which targets default credentials on internet-connected devices.
Staying current in threat detection is key, which is why more security companies need to embrace a more open way of thinking when it comes to solutions integration, says Christopher Kruegel, CEO of Lastline.
As more IoT devices are compromised to wage large-scale attacks, related litigation and regulatory scrutiny will grow, which means device manufacturers - and users - could be held more accountable, says Richard Henderson, global security strategist at Absolute.
Risk analysis is at the core of most card fraud prevention platforms used today, says Carol Alexander of CA Technologies. But what if the industry could take the lessons it's learned to other channels, enabling banking institutions to more readily identify potentially fraudulent transactions before they happen?
Organizations are increasingly turning to user behavioral analytics to help more quickly detect new attacks - emanating from inside or outside the enterprise - as well as mitigate those threats, says CA's Mark McGovern.
Because most malware is spread via phishing, experts at Webroot are focusing their attention on stopping phishing attacks before they have a chance to infect a system with malicious code, says David Dufour, the company's senior director of engineering and cybersecurity.
Attackers continue to target enterprise assets both from outside and - too often - inside the corporate perimeter. To help, more organizations are turning to software-defined secure networks, says Mihir Maniar of Juniper Networks.
By applying analytics to user behavior, organizations can better prioritize the actual risks facing their business, thus helping cut through the sheer volume of security alerts they face daily, says Doug Copley, deputy CISO of Forcepoint.
Megaupload Founder Kim Dotcom plans to appeal a New Zealand High Court ruling that found him and three colleagues eligible for extradition to the U.S. The four men are charged with profiting by allowing the trade of copyright-protected content on their file-sharing platform.
Responding to disruptive data breaches, dealing with Mirai botnets, hacking back and the need for enterprises to segment their backup environments were just some of the topics dominating this year's RSA Conference in San Francisco.
Fooling hackers into giving up traceable information about themselves through "reflective" social engineering is helping researchers curb fraud losses and protect would-be victims, say Dell Secureworks researchers Joe Stewart and James Bettke.
A new website is now available for reporting medical device vulnerabilities, says Dale Nordenberg, M.D., executive director of the Medical Device Innovation, Safety and Security Consortium, who explains how MD-VIPER works in this in-depth interview.