Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

Automated third-party security lifecycle management provider Panorays this week announced it raised $15 million as part of a Series A funding round. [Read More]
Chinese tech giant Huawei is asking a U.S. federal court to throw out a rule that bars rural phone carriers from using government money to purchase its equipment on security grounds. [Read More]
A group of Democratic U.S. senators is questioning Amazon about the security of its Ring doorbell cameras following reports that some Ukraine-based employees had access to video footage from customers’ homes. [Read More]
NSA publishes advisory to provide information on possible mitigations for risks associated with Transport Layer Security Inspection (TLSI). [Read More]
CyberCube Analytics, startup that offers cyber risk analytics solutions for the insurance industry, has secured $35 million through a Series B funding round. [Read More]
It took ABB five years to inform customers of a critical vulnerability affecting one of its plant historian products and the researcher who found it believes threat actors may have known about the flaw. [Read More]
A major exercise whose goal was to test the cyber and physical security of North America’s grid has enabled the energy industry and governments to review and improve incident response plans and collaboration. [Read More]
Backend operation services provider InfoTrax Systems has reached a settlement with the FTC over a data breach discovered in 2016. [Read More]
Canada's spy agencies are divided over whether or not to ban Chinese technology giant Huawei from fifth generation (5G) networks over security concerns. [Read More]
Cybersecurity firm Proofoint has agreed to acquire ObserveIT, a Boston, Mass.-based provider of insider threat management solutions. [Read More]

FEATURES, INSIGHTS // Risk Management

rss icon

Josh Lefkowitz's picture
The successful execution of each step of the intelligence cycle relies on the successful execution of the step that came before it.
Fred Kneip's picture
Third party cyber risk management programs need to go beyond an initial scan and evaluate your third party’s security from the inside out.
Josh Lefkowitz's picture
It’s crucial to recognize that annual security predictions generally only include that which can be feasibly predicted by the final months of the prior year.
Marie Hattar's picture
The solution: every week, devote at least two hours to basic cyber hygiene. Four best practices will help your team build habit from repetition.
Joshua Goldfarb's picture
Security metrics is a topic that, while challenging, is also important and at the top of the priority list for security organizations. Here are five tips for leveraging security metrics to keep your organization out of the lion’s den.
Craig Harber's picture
As long as organizations continue to employ simplistic “set it and forget it” security approaches, they will be forced into playing reactive, catch-up defense against cyber attackers.
Fred Kneip's picture
Employing a third party adds risk, especially if that company is given some level of access to network and computing resources, or is asked to handle and protect critical or proprietary information.
Marc Solomon's picture
National Cybersecurity Awareness Month (NCSAM) is a great vehicle to raise awareness for cybersecurity and to remind every organization that the ability to improve security operations begins with contextual awareness.
Josh Lefkowitz's picture
Here’s a crash-course on the intelligence cycle and how you can apply and derive value from its core principles—no matter your role or security discipline:
Torsten George's picture
Until government agencies start implementing identity-centric security measures, account compromise attacks will continue to provide a perfect cover for data breaches.