Dark Reading is part of the Informa Tech Division of Informa PLC
This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
|
Partner Management: Assessing Compliance Capability And Willingness
The first step is to determine the partner's understanding of its responsibility and ability to comply
Partner Management: Compliance Program Is Essential
Understanding the risk associated with a partner relationship and managing it accordingly is key
Five Ways To Secure The Consumer IT Invasion At Work
Companies have had to deal with increasing amounts of worker-owned device in the networks
PCI Rules Apply Even On Black Friday
Uptime might be the name of the game during the holiday shopping season, but retailers need to balance the focus with security and compliance best practices
Firms Slow To Secure Flaws In Embedded Devices
While operating systems and PC applications have evolved fast patch mechanisms, the proliferation of slow-to-patch embedded devices leaves companies vulnerable
APT Or Not APT? Discovering Who Is Attacking The Network
Corporate networks face a variety of attacks every day, yet pinpointing the most serious attacks are no easy matter
Baking Strong Authentication Into Client Devices
MasterCard, Symantec's VeriSign VIP support new Intel Core two-factor authentication technology
Survey Shows Slack Security 'Tudes
One-third of users say security policy doesn't matter, and one-fourth don't worry about security
Teaming Up To Take Down Threats
Security professionals are leery of one-way public-private partnerships, but Operation Ghost Click shows that the model is necessary to take on international threats
Companies Should Embrace, Not Fear, The iPad
The mobile devices bring a different set of threats, but more employees on hard-to-hack tablets means better security
Financial Institutions Shoring Up Compliance Plans For FFIEC Deadline
Most large to midsize banks are well on their way with at least a road map to comply with tougher FFIEC authentication and anti-fraud guidelines
Half Of All The World's Spam Now Out Of Asia
New Sophos 'Dirty Dozen' spam report still has the U.S. as the No. 1 spammer, but South Korea becoming a major producer as well
|
The 10 Most Impactful Types of Vulnerabilities for Enterprises TodayManaging system vulnerabilities is one of the old est - and most frustrating - security challenges that enterprise defenders face. Every software application and hardware device ships with intrinsic flaws - flaws that, if critical enough, attackers can exploit from anywhere in the world. It's crucial that defenders take stock of what areas of the tech stack have the most emerging, and critical, vulnerabilities they must manage. It's not just zero day vulnerabilities. Consider that CISA's Known Exploited Vulnerabilities (KEV) catalog lists vulnerabilitlies in widely used applications that are "actively exploited," and most of them are flaws that were discovered several years ago and have been fixed. There are also emerging vulnerabilities in 5G networks, cloud infrastructure, Edge applications, and firmwares to consider.
Incident Readiness and Building Response Playbook
In this special report, learn the Xs and Os of any good security incident readiness and response playbook.
Tweet This
1 Comments
