Dark Reading is part of the Informa Tech Division of Informa PLC
This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
|
Employee Privacy in a Mobile Workplace
Why businesses need guidelines for managing their employees' personal information -- without compromising on security.
A Security Strategy That Centers on Humans, Not Bugs
The industry's fixation on complex exploits has come at the expense of making fundamentals easy and intuitive for end users.
13 Security Pros Share Their Most Valuable Experiences
From serving as an artillery Marine to working a help desk, infosec practitioners pinpoint experiences that had the greatest influence on their careers.
DevSecOps: The Answer to the Cloud Security Skills Gap
There's a skills and resources gap industrywide, but a DevSecOps approach can go a long way toward closing that gap.
Capture the Flag Planned to Find Missing Persons Information
The competition, launched by SANS and Trace Labs, will put to use open source information in search of new clues.
5 Cybersecurity CISO Priorities for the Future
Seven chief information security officers share their pain points and two-year spending plans.
SHAKEN/STIR: Finally! A Solution to Caller ID Spoofing?
The ubiquitous Caller ID hasn't changed much over the years, but the technology to exploit it has exploded. That may be about to change.
9 Principles to Simplify Security
This isn't a one-size-fits-all situation. Simplify as much as you can, as the saying goes, but no more than that.
Black Hat Q&A: Hacking a '90s Sports Car
Security researcher Stanislas Lejay offers a preview of his upcoming Black Hat Europe talk on automotive engine computer management and hardware reverse engineering.
Raising Security Awareness: Why Tools Can't Replace People
Training your people and building relationships outside of the security organization is the most significant investment a CISO can make.
Quantifying Security Results to Justify Costs
The CISO job isn't to protect the entire business from all threats for any budget. It's to spell out what level of protection executives can expect for a given budget.
9 Ways Data Vampires Are Bleeding Your Sensitive Information
Pull a Van Helsing on those sucking the lifeblood from your data and intellectual property.
Email Threats Poised to Haunt Security Pros into Next Decade
Decentralized threat intel sharing, more public-private collaboration, and greater use of automated incident response are what's needed to combat phishing
Hacking Phones: How Law Enforcement Is Saving Privacy
It's no longer true that society must choose to either weaken everybody's privacy or let criminals run rampant.
Why It's Imperative to Bridge the IT & OT Cultural Divide
As industrial enterprises face the disruptive forces of an increasingly connected world, these two cultures must learn to coexist.
4 Security Lessons Federal IT Pros Can Teach the Private Sector
With a little research and basic planning, small companies can make big strides against the cybersecurity threats they face. Here's how.
It's Time to Improve Website Identity Indicators, Not Remove Them
Why Google and Mozilla are wrong about the benefits of Extended Validation certificates that aim to prevent fraud and protect user privacy.
Report: 2020 Presidential Campaigns Still Vulnerable to Web Attacks
Nine out of 12 Democratic candidates have yet to enable DNSSEC, a simple set of extensions that stops most targeted domain-based attacks.
The AI (R)evolution: Why Humans Will Always Have a Place in the SOC
In cybersecurity, the combination of men, women and machines can do what neither can do alone -- form a complementary team capable of upholding order and fighting the forces of evil.
Keeping Too Many Cooks out of the Security Kitchen
A good security team helps the business help itself operate more securely -- soliciting input while adhering to a unified strategy, vision, goals, and priorities.
SOC Puppet: Dark Reading Caption Contest Winners
Social engineering, SOC analysts, and Sock puns. And the winners are:
Smart Prevention: How Every Enterprise Can Create Human Firewalls
Organizations of all sizes should include both human firewalls and virtual tools in their cybersecurity budgets.
How to Think Like a Hacker
In the arms race of computer security, it's never been more important to develop an adversarial mindset that can identify assumptions and determine if and how they can be violated.
Virginia a Hot Spot For Cybersecurity Jobs
State has highest number of people in information security roles and the most current job openings, Comparitech study finds.
A Realistic Threat Model for the Masses
For many people, overly restrictive advice about passwords and other security practices is doing more harm than good. Here's why.
Utilities' Operational Networks Continue to Be Vulnerable
More than half of utilities have suffered an outage or data loss in the last 12 months, but only a minority of organizations seem ready for an attack that could affect operations, a survey finds.
Lack of Role Models, Burnout & Pay Disparity Hold Women Back
New ISACA data emphasizes a gap between men and women who share their opinions on underrepresentation of women and equal pay in the tech industry.
'Father of Identity Theft' Convicted on 13 Federal Counts
James Jackson, a 58-year-old Memphis resident, used the identities of deceased individuals to steal money from banks and the estates of the dead.
Navigating Your First Month as a New CISO
The single most important thing you can do is to start building the relationships and political capital you'll need to run your security program. Here's how.
DevSecOps: Recreating Cybersecurity Culture
Bringing developers and security teams together guided by a common goal requires some risk-taking. With patience and confidence, it will pay off. Here's how.
How Intel Unlocks the Powerful Potential of Diversity in Cybersecurity
Sparking cultural shifts within an organization -- and throughout an entire industry -- can feel like a monumental task, but the juice is well worth the squeeze.
Preventing PTSD and Burnout for Cybersecurity Professionals
The safety of our digital lives is at stake, and we need to all do our part in raising awareness of these issues.
No Quick Fix for Security-Worker Shortfall
Security professionals see acquiring skills as the way forward, but only half of companies are training their workers, with more continuing to search for highly skilled employees.
Taking a Fresh Look at Security Ops: 10 Tips
Maybe you love your executive team, your security processes, tools, or strategy. Maybe you hate them. Whatever the situation, it's likely at some point that things will have changed.
Security Leaders Share Tips for Boardroom Chats
Cisco, Oracle, and LinkedIn security leaders share their challenges in communicating with business teams and advice for how CISOs can navigate the relationship.
A Definitive Guide to Crowdsourced Vulnerability Management
Knowing about a bug and actually securing it are very different things. These six steps will get you from "oh, sh*t" to fixed.
Automation: Friend of the SOC Analyst
Faced by increasingly sophisticated threats, organizations are realizing the benefits of automation in their cybersecurity programs.
Bug Bounties Continue to Rise, but Market Has Its Own 1% Problem
The average payout for a critical vulnerability has almost reached $3,400, but only the top bug hunters of a field of 500,000 are truly profiting.
10 Low-Cost (or Free!) Ways to Boost Your Security AI Skills
The following hardware and software options will amplify your know-how about artificial intelligence and how to apply it to security — without busting any budgets.
Beat the Heat: Dark Reading Caption Contest Winners
Phishing, token codes, training, MFA, polluted data entry, and whales. And the winners are ...
Does Personality Make You Vulnerable to Cybercrime?
A new study explores the connections between personality traits and susceptibility to different cyberattacks.
2019 Pwnie Award Winners (And Those Who Wish They Weren't)
This year's round-up includes awards into two new categories: most under-hyped research and epic achievement.
Dark Reading News Desk Live at Black Hat USA 2019
Watch right here for 40 video interviews with speakers and sponsors. Streaming live from Black Hat USA Wednesday and Thursday 2 p.m. to 6 p.m. Eastern.
Black Hat 2019: Security Culture Is Everyone's Culture
In his Black Hat USA keynote, Square's Dino Dai Zovi discussed lessons learned throughout his cybersecurity career and why culture trumps strategy.
Security & the Infinite Capacity to Rationalize
To improve the security posture of our organizations, we must open our eyes to rationalization and put an end to it with logic. Here's how.
Black Hat: A Summer Break from the Mundane and Controllable
Enjoy the respite from the security tasks that await you back at home. Then prepare yourself for the uphill battles to come. Here's how.
SecOps Success Through Employee Retention
To keep your turnover low, focus on these areas: compensation, advancement opportunities, training, and environment.
Transforming 'Tangible Security' into a Competitive Advantage
Today's consumers want to see and touch security. Meeting this demand will be a win-win for everyone, from users to vendors to security teams.
Black Hat Q&A: Inside the Black Hat NOC
Cybersecurity expert Bart Stump explains what it’s like to reliably deliver a useful, high-security network for one of the toughest audiences in the world.
Security Training That Keeps Up with Modern Development
Black Hat USA speakers to discuss what it will take to 'shift knowledge left' to build up a corps of security-savvy software engineers.
|
Latest Comment: -when I told you that our cyber-defense was from another age
Navigating the Deluge of Security DataIn this Tech Digest, Dark Reading shares the experiences of some top security practitioners as they navigate volumes of security data. We examine some examples of how enterprises can cull this data to find the clues they need.
Rethinking Enterprise Data Defense
Frustrated with recurring intrusions and breaches, cybersecurity professionals are questioning some of the industry’s conventional wisdom. Here’s a look at what they’re thinking about.
Tweet This
1 Comments
