Security Experts:

More Security Headlines

Cisco has been analyzing its products to determine which of them are affected by the recently disclosed Secure Sockets Layer (SSL) version 3 protocol flaw dubbed Padding Oracle On Downgraded Legacy Encryption (POODLE).
In an effort to ensure that its advertising system is not plagued by any security bugs, Facebook has decided to double the amount of money it awards to researchers who identify vulnerabilities in the social media network's ads code.
The Securities Industry and Financial Markets Association released recommendations for to guide the creation of cybersecurity regulations affecting the financial industry
PHP released versions 5.6.2, 5.5.18 and 5.4.34 of the scripting language. In addition to some functionality bugs, the latest releases address a series of security-related flaws.
Security updates released by Apple last week address a series of vulnerabilities, including the recently uncovered SSL 3.0 flaw (CVE-2014-3566) that can be leveraged to obtain potentially sensitive information from encrypted communications.
Trend Micro researchers say the Sandworm team identified last week may be targeting SCADA systems.
Researchers have found a way to trick Android users into executing potentially malicious applications by hiding them inside innocent-looking image files.
The 2014 ICS Cyber Security Conference will address real world problems and discuss actual ICS cyber incidents, many of which have never been told before.
FBI chief James Comey renewed a call for broader authority to tap into emerging technologies, saying the Edward Snowden revelations have led to unwarranted mistrust of law enforcement.
Researchers have found that the components of the FDT/DTM specification, designed to ease the management of industrial control systems (ICS) contains serious vulnerabilities.

SecurityWeek Experts

rss icon

Adam Firestone's picture
The imposition of externally-defined cybersecurity methodologies and solutions on both government and critical infrastructure programs hasn’t proven effective. Fortunately, the political and technical winds are shifting
Torsten George's picture
To limit the risk of having drive-by malware attacks planted on their websites, organizations should monitor the payload of their different Internet properties, which for larger organizations can easily become a huge undertaking.
Joshua Goldfarb's picture
As information security professionals, it is tempting to become enamored with the beauty or elegance of a technical solution, analytical technique, or investigative outcome.
Scott Simkin's picture
The network edge is the ideal location for quickly preventing the vast majority of attacks, but looking forward, you should consider how pervasive deployments can stop the new breed of advanced attack.
James McFarlin's picture
Very little will get a board of directors’ attention as quickly as a cyber data breach with its attendant risks of damage to market capitalization, competitive advantage and brand reputation.
Marc Solomon's picture
Advancing our security controls isn’t going to happen overnight. But we are well on our way with technology and capabilities that are already headed in this direction, implementing dynamic controls to see more, learn more, and adapt quickly.
Rebecca Lawson's picture
There is a widening gap between detection of a threat and enforcement that causes the threat to stop at the firewall, rather than play out its malicious intent.
Mark Hatton's picture
Software and hardware alone are not enough to manage a massive enterprise security program. You need security professionals and experienced leaders who can keep the team (and the tools) operating effectively.
Jason Polancich's picture
Las Vegas has created a market-proven, repeatable formula for business success. For enterprises competing each and every day with cybercriminals, what if we were to apply these same principles to enterprise cybersecurity?
Eddie Garcia's picture
Many features are available for Apache Hadoop that can help enterprises pass internal and external security requirements and audits.