Management & Strategy

NEWS & INDUSTRY UPDATES

Public bug bounty program launched for WordPress CMS, WordPress.org websites, BuddyPress, bbPress and GlotPress
Join SecurityWeek and Rapid7 for actionable takeaways from penetration testing engagements, and see how customers are combining detection technologies to find intruders earlier in the attack chain.
Shadow Brokers are back with a new offer: pay a monthly fee and receive exploits, and data from SWIFT/banks and nuclear programs
Hackers breached DocuSign systems and stole email addresses, which they used in a spam campaign designed to deliver malware
Experts and vendors warn that industrial control systems (ICS) are also at risk of getting hit by WannaCry ransomware attacks
The U.S. government’s General Services Administration (GSA) announced the launch of a bug bounty program with rewards of up to $5,000
HP has removed the keylogger functionality found by researchers in audio drivers provided for 28 laptops and tablet PCs
Cybersecurity investment firm Allegis Capital announced on Friday that former FireEye CEO David DeWalt is joining as a venture partner.
Industry experts comment on the implications of U.S. President Donald Trump’s executive order on cybersecurity
Vanilla Forums rushed to update its software after a researcher released details and exploits for a couple of vulnerabilities

FEATURES, INSIGHTS // Management & Strategy

Torsten George: Unfortunately, a significant portion of information security resources are consumed by data gathering and aggregation processes.
Avi Chesla: At the end of the day, CISOs are finding it very challenging to be able to assess the performance of the security products in their organization’s arsenal.
Steven Grossman: Without visibility into your information assets, their value, where they live, how they relate to each other and who has access to them, any strategy for protection would be inherently incomplete and ineffective.
Adam Meyer: In the cyber threat intelligence space, there is confusion (much of which is driven by vendors)... where threat information is positioned as finished intelligence.
Joshua Goldfarb: Organizations should not be lured into a false sense of security if they deal in information or data that are not typically sought after by nation-state attackers.
Lance Cottrell: Wouldn’t it be great if cyber security teams could spend more time acting like the doctors and surgeons who work away from emergency rooms and ICUs?
Josh Lefkowitz: Digital risk monitoring is a helpful tool for organizations that already have rich intelligence and not just data. Failing to distinguish between the two can be problematic.
Torsten George: There are several steps that both information security and DevOps teams can take to minimize their attack surface in the context of these emerging technologies and development practices.
Marc Solomon: A threat intelligence platform (TIP) needs to operationalize and apply intelligence as the glue to reduce fragmentation.
Travis Greene: April is Stress Awareness Month. With the pace of constantly-evolving threats, budget battles and security apathy from users, it isn’t a stretch to imagine that stress is a part of the job in IT security.