Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

The NotPetya malware attack caused a disruption of worldwide operations for pharma giant Merck [Read More]
Virgin America, WestJet and Spirit alert customers and employees about breaches, data leaks and credential stuffing attacks [Read More]
A security issue related to a VMware API allows vSphere users with limited privileges to access the guest OS without authentication [Read More]
Hundreds of organizations may be exposing sensitive information via misconfigured Google Groups [Read More]
Dow Jones has exposed the details of millions of customers via a misconfigured AWS S3 bucket [Read More]
IBM has announced its latest version of its mainframe, the IBM Z14, which it calls "the most significant re-positioning of mainframe technology in more than a decade." [Read More]
Owner of cheating service Ashley Madison offers to pay $11.2 million to settle data breach lawsuits [Read More]
Dell introduces new version of Endpoint Security Suite Enterprise for air-gapped systems using Cylance technology [Read More]
Researchers recently discovered an issue with improperly configured Oracle Access Manager (OAM) 10g that can be exploited by remote attackers to hijack sessions from unsuspecting users. [Read More]
Human error led to the personal details of millions of Verizon customers being exposed online, but the telecoms giant has downplayed the incident [Read More]

FEATURES, INSIGHTS // Data Protection

rss icon

Steven Grossman's picture
Organizations are increasingly combining UEBA technology with other data sources and analytics methods to overcome cyber risk challenges on a broader scale.
Alastair Paterson's picture
By using best practices to protect credentials, while at the same time monitoring for leaked credentials and changes in the tools attackers use, you can mitigate the risk of account takeovers to your organization.
Erin O’Malley's picture
The CIA conducts extensive background investigations and requires polygraph examinations to gain a security clearance, yet a malicious insider apparently made off with a trove of secret CIA hacking tools.
Ashley Arbuckle's picture
The healthcare industry has a lot to gain by digital transformation. However it also has a lot to lose if it doesn’t start with security as a foundation.
Travis Greene's picture
Whether US government officials improve their handling of classified information in the new administration or not, industry can certainty learn from the blunders and reduce risks.
Eddie Garcia's picture
To reduce the chances of falling victim to an insider-driven breach, security and risk professionals should start by learning what their available data can tell them.
Aditya Sood's picture
The cloud is here to stay, and so long as employees use cloud apps from within an organization’s firewall, we’ll always have to wrangle with Shadow IT, Shadow Data and the attendant problems and risks.
Steven Grossman's picture
Beginning November 30, 2016, DoD third party contractors will be required to establish and maintain an insider threat program.
Eddie Garcia's picture
This article explains how to encrypt data in a Hadoop cluster. The tools are available, and if you are brave enough, you could attempt this at home.
Eddie Garcia's picture
A common misconception about native HDFS encryption is the belief that the data is encrypted when written to disk on the data nodes like most disk encryption solutions.