Security Experts:

Management & Strategy
long dotted

NEWS & INDUSTRY UPDATES

Secureworks releases two open source tools, Flowsynth and Dalton, for testing intrusion detection system (IDS) rules [Read More]
WoSign subsidiary StartCom will shut down after major browser vendors banned its certificates [Read More]
1.8 billion Internet posts collected by a contractor for the Pentagon were exposed online due to failure to secure an Amazon cloud storage bucket [Read More]
GitHub warns developers if their project uses a library that is known to have security flaws [Read More]
Cyber insurance firm At-Bay has emerged from stealth with a new model of security cooperation between insured and insurer to reduce risk and exposure to both parties. [Read More]
Hundreds of Moxa devices similar to the ones targeted in the 2015 Ukraine power grid hack are vulnerable to remote attacks [Read More]
Chinese drone maker DJI and a researcher are in an online battle – which could also turn into a legal battle – over the company’s bug bounty program [Read More]
MuddyWater attacks on Middle Eastern entities are difficult to attribute, despite being analyzed by several security firms [Read More]
Kaspersky shares more details from its investigation into reports that Russian hackers stole NSA data using its software [Read More]
Apache CouchDB was affected by critical vulnerabilities that could have allowed remote attackers to escalate privileges and execute code [Read More]

FEATURES, INSIGHTS // Management & Strategy

rss icon

Preston Hogue's picture
Working closely with business groups throughout the process of due diligence fulfills the CISO’s responsibilities and creates a more security-savvy business.
Josh Lefkowitz's picture
It’s crucial to recognize that 2018 will very likely be yet another year of increasingly complex and damaging threats and incidents, which is why we must always build upon and further enhance our intelligence strategies.
Adam Meyer's picture
If your threat intelligence isn’t practical, it’s not really useful. Here are a few examples of practical questions you can ask your threat analyst team.
Travis Greene's picture
The cybersecurity community needs to identify where untapped resources exist in order to move beyond traditional industry practices and contend with this imbalance.
Oliver Rochford's picture
Compared to the perception that security inhibits productivity and innovation, the reality is bad security has a far greater negative impact.
Marc Solomon's picture
Full automation ignores the key inputs from human intelligence. When it comes to “orient” and “decide,” the human element needs to be involved.
Joshua Goldfarb's picture
The way in which the security community typically reacts after certain high profile incidents is somewhat alarming. There are typically two responses, neither of which is particularly appropriate or helpful: Mocking and Ambulance chasing.
Rafal Los's picture
There is no “secure.” The minute you think you can reach that place, you’re already wrong. Worse, you’d doing yourself and your organization a disservice.
Steven Grossman's picture
Despite the significant momentary effect of major breaches on profits, stock prices and careers of company executives, most breaches to date have not had a long term financial effect on the businesses in question.
Josh Lefkowitz's picture
When key decision-makers broaden their mindsets and strategies pertaining to the value and function of intelligence, their organizations can become better positioned to mitigate the cyber and physical risks they face.