NEWS & INDUSTRY UPDATES

Nearly 1.4 billion data records were compromised in 2016, according to Gemalto’s latest Breach Level Index
FBI warns the healthcare industry that threat actors are targeting FTP servers that have anonymous authentication enabled
Apple’s initial analysis shows that the iPhone and Mac exploits disclosed by WikiLeaks have already been patched, and the company told WikiLeaks to submit vulnerabilities through the normal process
WikiLeaks releases documents describing Apple device hacking tools used by the CIA. Most require physical access to the targeted device
New study from Dragos shows that non-targeted malware hits roughly 3,000 unique industrial sites a year and targeted ICS attacks are not so rare
Hundreds of Cisco switches are affected by a critical zero-day vulnerability found by the vendor during its analysis of WikiLeaks’ Vault 7 files
White hat hackers earned tens of thousands of dollars for finding critical vulnerabilities in GitHub Enterprise
Join this webinar to learn how to measure your cyber risk and establish an effective security framework
Financially motivated attackers have become just as sophisticated as state-sponsored actors, says FireEye in 2017 M-Trends report
RCE vulnerability in Apache Struts 2 affects several VMware products, including vCenter, DaaS, vROps and Hyperic

FEATURES, INSIGHTS // Risk Management

Josh Lefkowitz
It's crucial for healthcare institutions to recognize their industry’s inherent susceptibility to cyber threats and that standards and regulations will, by their nature, always be reactive.

Steven Grossman
The goal of stopping all cyber attacks and preventing all business impact has been recognized as a fool’s errand, and has shifted to measuring risk and minimizing business impacts.

Torsten George
Since most IoT devices and microservices lack adequate security frameworks or tools to monitor and detect security gaps, traditional methods such as penetration testing should be reconsidered despite their hefty price tag.

Torsten George
Faced with hundreds, thousands, and even hundreds of thousands of vulnerabilities across their IT infrastructures, security practitioners are at a virtually insurmountable disadvantage.

Travis Greene
Unlike the political arena, or even other divisions of the technology industry, when working in IT security, people rarely notice when everything is done perfectly.

Josh Lefkowitz
The pivotal role of cybersecurity during the recent United States presidential election has underscored the critical need to focus on a secure electoral process.

Eddie Garcia
To reduce the chances of falling victim to an insider-driven breach, security and risk professionals should start by learning what their available data can tell them.

Joshua Goldfarb
No one ever said that prioritizing risk, meeting the needs of a complex market, or starting a technology company were easy. But more often than not, the answers we seek are right there in front of us.

Torsten George
Implementing a Zero Trust model represents a dramatic change and requires a well-planned transition that should be complemented by efforts to operationalize cyber risk detection, prevention, and response.

Alastair Paterson
Sophisticated adversaries are finding vulnerabilities wherever they can, and often that means looking to an organization’s partners for weaknesses in defenses.