Cybercrime is a business and, like any business, it's driven by profit. But how can organizations make credential theft less profitable at every stage of the criminal value chain, and, in doing so, lower their risk?
It's déjà vu "FBI vs. Apple" all over again, as Reuters reports that the Justice Department is seeking to compel Facebook to build a backdoor into its Messenger app to help the FBI monitor an MS-13 suspect's voice communications.
Augusta University Health in Georgia says it just recently concluded that a phishing attack that occurred - and was detected - 10 months ago resulted in a breach potentially exposing information on 417,000 individuals. Security experts are questioning why the breach determination took so long.
The best way to take a holistic approach to the current threat landscape is to define security issues as business problems and then put the problem before the solution - not the other way around, contends RSA CTO Zulfikar Ramzan.
Malware detection needs to shift to detecting anomalous behavior, rather than depending on signature-based detection technologies to deal with such threats as sandbox-evading malware, says Verizon's Ashish Thapar.
While IT and OT integration has brought about new levels of operational efficiency, it has also introduced serious cyber risks that conventional IT security approaches might fail to address, says IBM Security's Paul Garvey.
Threat analytics involves understanding where threats to key data assets exist and planning your mitigation strategy around that, says Skybox's Gerry Sillars.
The STIX and TAXII standards for threat intel interchange have undergone a major upgrade to v2.0. LookingGlass CTO Allan Thomson, who's been closely involved in its development, describes the role of these enhanced standards.
Because of the lack of specialists with the skills needed to run security operations in the cloud, intelligent automation is essential, says Microsoft's Diana Kelley.
Disruption to operational technology can cause business downtime as well as serious public safety issues, so a nuanced approach to cybersecurity is essential, says Obbe Knoop of Nozomi Networks.
A number of innovative applications of blockchain technology for security are emerging, but Laurence Pitt of Juniper Networks warns that not all data is suitable for storage in a blockchain.
Achieving built-in, rather than bolted-on security at the DevOps stage through transparent orchestration is the new mantra for building resilient systems and software, says Sumedh Thakar of Qualys.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.com, you agree to our use of cookies.