NEWS & INDUSTRY UPDATES

Recorded Future launches an in-house initiative that sets aside $20 million to invest in seed-stage and Series A startups in the nascent threat-intelligence space.
The White House dropped Trump-era executive orders intended to ban the popular apps TikTok and WeChat and will conduct its own review aimed at identifying national security risks with software applications tied to China.
The new Amazon Sidewalk mesh network links tens of millions of Amazon smart devices, each sharing a tiny sliver of their bandwidth to provide a wide network of connectivity even when and where WiFi service is poor or unavailable. What are the privacy and security implications?
SAP releases patches for a total of 11 security flaws in NetWeaver, five of which are rated high-severity.
Navistar International Corporation confirms data stolen in cyberattack that affected some operations.
Energy Secretary Jennifer Granholm on Sunday called for more public-private cooperation on cyber defenses and said U.S. adversaries already are capable of using cyber intrusions to shut down the U.S. power grid.
NETSCOUT has warned organizations that STUN servers have been increasingly abused for DDoS attacks — there are 75,000 abusable servers.
In an open letter, the White House encourages corporate executives and business leaders to take critical steps to protect organizations and the American public against ransomware.
Two members of the notorious Carbanak cybercrime syndicate were sentenced to 8 years in prison, Kazakhstani authorities announced this week.
Cisco issues fixes for a wide range of gaping security holes, including three high-risk vulnerabilities in the widely deployed Webex product line.

FEATURES, INSIGHTS // Risk Management

Landon Winkelvoss: Ineffective security approaches when integrating two separate organizations can lead to significant issues that could undercut the business value of a merger or acquisition.
Landon Winkelvoss: While cyber due diligence has yet to become commonplace in M&A transactions, the consequences of failing to identify risks and active campaigns can have costly implications.
Gunter Ollmann: In the merry-go-round world of InfoSec technologies and “what’s old is new again,” this year we should include Attack Surface Management with a dash of Continuous.
Laurence Pitt: School network administrators should be taking precautions to prepare for the new challenges of the upcoming academic year.
Torsten George: Cyber resilience can be considered a preventive measure to counteract human error, malicious actions, and decayed, insecure software.
Yaniv Vardi: Supply chain cyber risk is complicated and spans the entire lifecycle of a product—across design, manufacturing, distribution, storage, and maintenance.
AJ Nash: For companies trying to build new or mature existing intelligence programs, the Age of COVID has been an excellent time to capture 30-60 minutes with that hard-to-find manager
Torsten George: While the SolarWinds hack is not the first supply chain attack to make headlines, its sophistication and blast radius are forcing organizations to consider how they can minimize their exposure to these types of threats in the future.
AJ Nash: As you build your cyber intelligence program – and have all the vendors lined up to take your money – don’t overlook the importance of investing in the right people.
Laurence Pitt: Many security teams will have to reduce budget against projects scheduled for 2021, with funds being re-allocated to pandemic-related business and workforce enablement