Security Experts:

Security Infrastructure
long dotted

NEWS & INDUSTRY UPDATES

The Magecart hackers have managed to infect over 17,000 domains by targeting improperly secured Amazon S3 buckets, RiskIQ reports. [Read More]
The Forum of Incident Response and Security Teams (FIRST) announces CVSS v3.1, which aims to simplify and improve upon CVSS v3.0. [Read More]
Premera Blue Cross, the largest health insurer in the Pacific Northwest, has agreed to pay $10 million to 30 states following an investigation into a data breach that exposed confidential information on more than 10 million people across the country. [Read More]
Google contractors regularly listen to and review some recordings of what people say to artificial-intelligence system Google Assistant, via their phone or through smart speakers such as the Google Home. [Read More]
Mozilla is taking the first step toward denying a request by United Arab Emirates-based DarkMatter to be included as a top-level certificate authority in Mozilla’s root certificate program. [Read More]
An Exploit Prevention update released recently by McAfee for Endpoint Security is blocking Windows users from logging on to their systems, and some major organizations appear to be affected. [Read More]
Researchers have detected a new DNS hijacking technique they believe to be connected to the "Sea Turtle" threat actors. [Read More]
San Francisco-based privacy compliance and data protection firm TrustArc raises $70 million in a Series D funding round. [Read More]
Marriott International says it will fight a large fine resulting from a massive data breach that was discovered in 2018. [Read More]
U.S. Coast Guard recently warned commercial vessel owners and operators of malware and phishing attacks and potential vulnerabilities in shipboard systems. [Read More]

FEATURES, INSIGHTS // Security Infrastructure

rss icon

Laurence Pitt's picture
While security spending is on the increase, it’s up to us as experienced security practitioners to make the most of this spend with a clear ROI that can be reported to the business.
Alastair Paterson's picture
If it takes a whole village to raise a child, it takes a whole community of vendors and business partners to build a secure data environment.
Preston Hogue's picture
ChatOps offers a bridge to a fully realized vision for DevSecOps, offering a much quicker path to resolution for both security and non-security issues.
Torsten George's picture
Companies should consider moving to a Zero Trust approach, powered by additional security measures such as multi-factor authentication, to stay ahead of the security curve and leave passwords behind for good.
Laurence Pitt's picture
“The Cloud Wars” may be dominating IT news headlines, but what does this phrase actually mean? And is it something that an enterprise needs to be concerned with?
Gunter Ollmann's picture
To the surprise of many, public cloud appears to be driving a renaissance in adoption and advancement of managed security service providers (MSSP).
Jim Ducharme's picture
The ultimate goal for identity and access management (IAM) is not to find the unbreakable or “unhackable” code for authentication; rather, it’s to layer security to create a much stronger identity assurance posture.
Joshua Goldfarb's picture
Despite all of the money pumped into security on an annual basis, many of the same issues and challenges persist from year to year.
Preston Hogue's picture
If done right and integrated throughout the process, security ends up being not a source of friction, but a function that protects the business, at the speed of business.
Torsten George's picture
Using Zero Trust Privilege services can extend corporate security policies and best practices to cloud environments, while reducing costs, improving scalability across multi-VPCs, -SaaS, and -directory environments, and minimizing security blind spots through centralized management.