What are CISOs' priorities when it comes to spending their security budgets? Paul Bowen of Arbor Networks discusses spending trends by region, technology and types of security defenses.
In many organizations, overworked security analysts are trailing the bad guys in technology and knowledge, and this gap leads to increased risk, says Jeff Michael of Lastline.
The March SamSam ransomware attack in Atlanta is reported to have cost the city $17 million to resolve. The attackers had asked for a $51,000 bitcoin ransom, which the city refused to pay. But Gartner Research analyst Avivah Litan stresses that paying ransoms has more cons than pros.
A tragic accident involving the drowning of a young boy also turned into a privacy breach nightmare for the toddler's adoptive parents, a lawsuit filed against an Oklahoma county hospital alleges.
Google has suspended multiple YouTube channels and videos, as well as blogs, after tying them to phishing attacks and influence operations linked to Iran's state media. The technology giant's moves coincided with similar efforts by Facebook and Twitter.
Security thought leaders have long called for organizations to shift from a conventional "peacetime" view of cybersecurity to more of a "wartime" mindset. Aetna CSO Jim Routh now says it's time for enterprises to shift from conventional to unconventional security controls.
A website that appeared to be part of a phishing campaign designed to gain access to the Democratic National Committee's voter database has turned out to be part of an uncoordinated security exercise. The false alarm has highlighted the benefit of actively monitoring for election interference.
Too many organizations leverage advanced threat intelligence merely to detect indicators of compromise. But Brian Hussey of Trustwave wants to help them mine actionable threat intelligence to truly bolster enterprise defenses.
Timing incident response actions correctly helps with rapid remediation and enables taking full control of the environment, says Mandiant's Steven D'sa.
Unsupervised machine learning is essential to mitigate the sophisticated cross-channel fraud techniques attackers are using to take advantage of the multiple silos and security gaps at financial institutions, says ThetaRay's James Heinzman
Leading the latest edition of the ISMG Security Report: An analysis of why it may be too late to secure the 2018 U.S. midterm elections. Also: A close look at the Anthem breach lawsuit settlement and a report on ransomware recovery lessons learned.
Apache has released an emergency fix for its Struts web application framework to patch a flaw that attackers can exploit to take full control of the application. Some incident response experts, based on the severity of breaches they've investigated, recommend dropping Struts altogether.
Blockchain has potential for identity-based applications, but there are many aspects of identity and access management that a blockchain alone doesn't solve, says Ian Yip of McAfee.
Microsegmentation is an effective way for defenders to limit the amount of access an attacker has inside a data center and stop lateral movement, says Stanley Hsu of Illumio.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.com, you agree to our use of cookies.