Management & Strategy

NEWS & INDUSTRY UPDATES

Apple’s initial analysis shows that the iPhone and Mac exploits disclosed by WikiLeaks have already been patched, and the company told WikiLeaks to submit vulnerabilities through the normal process
WikiLeaks releases documents describing Apple device hacking tools used by the CIA. Most require physical access to the targeted device
A 'Discussion Draft' bill called the Active Cyber Defense Certainty Act would remove parts of the CFAA that effectively prevent private business from taking their own action against hackers.
New study from Dragos shows that non-targeted malware hits roughly 3,000 unique industrial sites a year and targeted ICS attacks are not so rare
A new bill, S536, cited as the 'Cybersecurity Disclosure Act of 2017', seeks to require a board level statement of cyber security expertise or practice in annual SEC filings.
Hundreds of Cisco switches are affected by a critical zero-day vulnerability found by the vendor during its analysis of WikiLeaks’ Vault 7 files
White hat hackers earned tens of thousands of dollars for finding critical vulnerabilities in GitHub Enterprise
Windows, macOS, Edge, Safari, Flash Player and Firefox were hacked on the second day of the Pwn2Own 2017 competition
Intel launches first bug bounty program with rewards of up to $30,000 for critical vulnerabilities in the company’s hardware
On day one of Pwn2Own 2017, participants hacked Microsoft Edge, Safari, Ubuntu and Adobe Reader

FEATURES, INSIGHTS // Management & Strategy

Rafal Los
If enterprise information security is to make strides in a positive direction we need less of the self-aggrandizing “expert” and more of those who can aggregate and distill tribal knowledge into wisdom.
Josh Lefkowitz
Executive protection and physical security teams must leverage cyber threat intelligence to gain visibility into all relevant cyber and physical threats and ensure open collaboration and information sharing with all business functions.
Erin O’Malley
In cybersecurity, basic hygiene is a must. You could implement every eye-catching security tool on the market, but without good, clean hygiene and the ability to deliver tools the right data at the right time, they’ll never shine their brightest.
Jennifer Blatnik
If CISOs took a page from physicians and worked together to share missteps and move forward, they could gain crucial security learnings and prevent the spread of attacks.
Marc Solomon
Companies can make their entire security infrastructure more effective by using this threat intelligence as the glue to integrate layers of point products within a defense-in-depth strategy.
Travis Greene
If there are only five controls that a security organization can reasonably tackle this year, what should they be?
Torsten George
Cyber security and cyber threats are most often confused with cyber risk, and often used interchangeably, but they are worlds apart.
Avi Chesla
Security analysts are collecting all events, but are struggling to filter out non-relevant signals in an attempt to isolate the important events from the rest of the noise.
Jennifer Blatnik
Every year, countless security vendors roam the show floor at RSA, promising that their latest revolutionary tool is going to solve the entire world’s security problems.
Scott Simkin
While there were many amazing startups with great ideas at RSA this year, I fear they will struggle to convince new customers that “yet another dashboard” or source of threat analytics or intelligence is going to improve their cybersecurity posture.