Security Experts:

More Security Headlines

The UN Human Rights Council appointed an investigator to look into violations of digital privacy rights, following revelations of large-scale cyber-snooping by Washington and others.
Cybercriminals have been leveraging a vulnerability in a popular WordPress plugin to redirect the visitors of thousands of websites to exploit kits.
A spate of vulnerabilities affecting pfSense have been patched.
PhishMe, a company that helps organizations teach security awareness by educating employees on how to identify phishing attacks, has raised $13 million in Series B funding.
Partial plaintext data can be obtained from SSL/TLS communications through an attack that leverages a 13-year-old vulnerability. The attack method has been dubbed Bar Mitzvah.
North Korea denied involvement in cyber-attacks on South Korea's nuclear power plant operator, accusing Seoul of fabricating a story to shift the blame for high cross-border tensions.
Cisco has released security updates to address a total of 16 vulnerabilities affecting Cisco IOS software.
Cybercriminals are taking advantage of smartphones and mobile malware to rake in significant profits through sextortion schemes, a report from Trend Micro has found.
The House Intelligence Committee introduced legislation this week offering companies liability protection when they share cyber-threat indicators with the government or each other.
A survey by Bit9+Carbon Black shows that an estimated 2.7 million servers will remain unprotected after Windows Server 2003 reaches end of life.

SecurityWeek Experts

Joshua Goldfarb
While intelligence is a critical component of a mature security program, it should not drive security. A risk-driven approach provides a much more comprehensive and scientific approach that allows organizations to keep pace with today’s sophisticated threats.
Wade Williamson
By establishing an enterprise-wide context focused on key assets and user behaviors, organizations can build a unified security framework that encompasses all locations and all of their assets.
Rafal Los
As long as the “hikers and bear” analogy is told in boardrooms we will have difficulty communicating the value of a proportionate security model where we design security measures for different types of adversaries with different types of objectives.
Nate Kube
Nate introduces various perspectives on cybersecurity as a moniker, shares some illuminating data, and presents a vernacular to move our field forward.
Torsten George
The NIST Cybersecurity Framework is an important building block, but still just the first step towards implementing operationalized defenses against cyber security risks.
David Holmes
Normally you wouldn’t think something as mundane as farming equipment could incite a lot of cyber malice, right? But that’s exactly what happened.
Eddie Garcia
Eddie Garcia explains how to grant user permissions to a subset of data in Hadoop and limit the type of operations the user is allowed to perform.
Adam Ely
While mobile security remains at the top of every CISO’s priority list this year, enterprises have quickly begun to realize that mobile device management (MDM) and enterprise mobility management (EMM) are not enough to keep data safe.
Jason Polancich
If used properly, your cyber data itself can be a treasure trove of information that’s every bit as valuable - and effective - as a survey or a focus group.
Marc Solomon
To help CISOs develop a manifesto, these five principles can serve as a baseline as they strive to become more dynamic in their approach to security, and more adaptive and innovative than adversaries.