Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

Keeper, a password manager that is now installed by default in Windows 10, was affected by a critical vulnerability that exposed passwords [Read More]
An information security policy should reflect the value of the data being protected -- but this assumes that the value of data is understood. [Read More]
Synaptics to remove debug tool from its touchpad drivers after it was described by a security researcher as a keylogger [Read More]
Google has shared detailed information on how it protects service-to-service communications within its infrastructure at the application layer and the the system it uses for data protection. [Read More]
Cisco announces availability of Security Connector, an iOS app that gives organizations visibility and control for mobile devices [Read More]
Products from F5, Cisco, Citrix and others vulnerable to new version of old crypto attack. Facebook, PayPal and other top websites impacted [Read More]
Study conducted by Accenture and AMA shows that a majority of physicians in the US have experienced a cybersecurity incident, including phishing, malware and inappropriate access by insiders [Read More]
Microsoft used the same certificate for all instances of its Dynamics 365 ERP product and it took more than 100 days to take action, but the company claims the issue posed little risk [Read More]
Synaptics touchpad driver present on hundreds of HP laptops includes keylogging functionality. Patches available for a majority of affected devices [Read More]
New functionality added by Onapsis to its security platform allows SAP customers to check if they are GDPR-compliant [Read More]

FEATURES, INSIGHTS // Data Protection

rss icon

Travis Greene's picture
Whether US government officials improve their handling of classified information in the new administration or not, industry can certainty learn from the blunders and reduce risks.
Eddie Garcia's picture
To reduce the chances of falling victim to an insider-driven breach, security and risk professionals should start by learning what their available data can tell them.
Aditya Sood's picture
The cloud is here to stay, and so long as employees use cloud apps from within an organization’s firewall, we’ll always have to wrangle with Shadow IT, Shadow Data and the attendant problems and risks.
Steven Grossman's picture
Beginning November 30, 2016, DoD third party contractors will be required to establish and maintain an insider threat program.
Eddie Garcia's picture
This article explains how to encrypt data in a Hadoop cluster. The tools are available, and if you are brave enough, you could attempt this at home.
Eddie Garcia's picture
A common misconception about native HDFS encryption is the belief that the data is encrypted when written to disk on the data nodes like most disk encryption solutions.
Torsten George's picture
Google Dorking can be used to identify vulnerable systems and trace them to a specific place on the Internet.
Bill Sweeney's picture
Enterprises have to worry about the surface area that is open for attack and the challenge of detecting attacks quickly when they are occurring. In every instance simplification will help.
Wade Williamson's picture
Data science and machine learning models can assess large groups of cyber threats to find the subtle traits they have in common to better protect organizations.
Tim Layton's picture
The value of identifying your organization’s information out on the Dark Web can serve as a first-line indicator of a new breach that otherwise may go undetected for long periods of time.