Dark Reading is part of the Informa Tech Division of Informa PLC
This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
|
Why DPOs and CISOs Must Work Closely Together
Recent data protection laws mean that the data protection officer and CISO must work in tandem to make sure users' data is protected.
7 Tips for Infosec Pros Considering A Lateral Career Move
Looking to switch things up but not sure how to do it? Security experts share their advice for switching career paths in the industry.
Phishing Today, Deepfakes Tomorrow: Training Employees to Spot This Emerging Threat
Cybercriminals are evolving their tactics, and the security community anticipates voice and video fraud to play a role in one of the next big data breaches -- so start protecting your business now.
CISO Resigns From Pete Buttigieg Presidential Campaign
The only Democratic campaign known to have a CISO loses Mick Baccio due to a "fundamental philosophical difference with campaign management."
ISACs Join Forces to Secure the Travel Industry
Together, the Travel & Hospitality ISAC and the Retail & Hospitality ISAC intend to improve communications and collaboration about the evolving threat landscape.
6 Traits to Develop for Cybersecurity Success
Cultivate these half-dozen qualities and watch your career soar.
How a Password-Free World Could Have Prevented the Biggest Breaches of 2019
If history has taught us anything, it's that hackers can (and will) compromise passwords. Innovation in authentication technology is poised to change that in the coming year.
5 Security Resolutions to Prevent a Ransomware Attack in 2020
Proactively consider tools to detect anomalous behavior, automatically remediate, and segment threats from moving across the network.
Your First Month as a CISO: Forming an Information Security Program
It's easy to get overwhelmed in your new position, but these tips and resources will help you get started.
Higher Degree, Higher Salary? Not for Some Security Pros
Turns out, skill beats experience and an academic degree doesn't guarantee higher compensation for five security positions.
Talking to the Board about Cybersecurity
A chief financial officer shares five winning strategies for an effective board-level conversation about right-sizing risk.
Don't Make Security Training a 'One-and-Done'
How to move beyond one-off campaigns and build a true security awareness program.
Lessons from the NSA: Know Your Assets
Chris Kubic worked at the National Security Agency for the past 32 years, finishing his tenure as CISO. He talks about lessons learned during his time there and what they mean for the private sector.
5 Tips for Keeping Your Security Team on Target
In nearly every security environment, competing priorities are a constant battleground. Here's how to keep the focus on what's important.
Success Enablers or Silent Killers?
These five success enablers will help CISOs report, measure, and demonstrate ROI to the C-suite.
Navigating Security in the Cloud
Underestimating the security changes that need to accompany a shift to the cloud could be fatal to a business. Here's why.
What Security Leaders Can Learn from Marketing
Employees can no longer be pawns who must be protected all the time. They must become partners in the battle against threats.
Cybersecurity Team Holiday Guide: 2019 Gag Gift Edition
Make your favorite security experts laugh with these affordable holiday gifts.
5 Ways to Champion and Increase Your 2020 Security Budget
Give your organization's leadership an impactful, out-of-office experience so they know what's at stake with their budgeting decisions.
6 Top Nontechnical Degrees for Cybersecurity
A computer science degree isn't the only path into a cybersecurity career.
The 'Department of No': Why CISOs Need to Cultivate a Middle Way
A chief information security officer's job inherently involves conflict, but a go-along-to-get-along approach carries its own vulnerabilities and risks.
Employee Privacy in a Mobile Workplace
Why businesses need guidelines for managing their employees' personal information -- without compromising on security.
A Security Strategy That Centers on Humans, Not Bugs
The industry's fixation on complex exploits has come at the expense of making fundamentals easy and intuitive for end users.
13 Security Pros Share Their Most Valuable Experiences
From serving as an artillery Marine to working a help desk, infosec practitioners pinpoint experiences that had the greatest influence on their careers.
DevSecOps: The Answer to the Cloud Security Skills Gap
There's a skills and resources gap industrywide, but a DevSecOps approach can go a long way toward closing that gap.
Capture the Flag Planned to Find Missing Persons Information
The competition, launched by SANS and Trace Labs, will put to use open source information in search of new clues.
5 Cybersecurity CISO Priorities for the Future
Seven chief information security officers share their pain points and two-year spending plans.
SHAKEN/STIR: Finally! A Solution to Caller ID Spoofing?
The ubiquitous Caller ID hasn't changed much over the years, but the technology to exploit it has exploded. That may be about to change.
9 Principles to Simplify Security
This isn't a one-size-fits-all situation. Simplify as much as you can, as the saying goes, but no more than that.
Black Hat Q&A: Hacking a '90s Sports Car
Security researcher Stanislas Lejay offers a preview of his upcoming Black Hat Europe talk on automotive engine computer management and hardware reverse engineering.
Raising Security Awareness: Why Tools Can't Replace People
Training your people and building relationships outside of the security organization is the most significant investment a CISO can make.
Quantifying Security Results to Justify Costs
The CISO job isn't to protect the entire business from all threats for any budget. It's to spell out what level of protection executives can expect for a given budget.
9 Ways Data Vampires Are Bleeding Your Sensitive Information
Pull a Van Helsing on those sucking the lifeblood from your data and intellectual property.
Email Threats Poised to Haunt Security Pros into Next Decade
Decentralized threat intel sharing, more public-private collaboration, and greater use of automated incident response are what's needed to combat phishing
Hacking Phones: How Law Enforcement Is Saving Privacy
It's no longer true that society must choose to either weaken everybody's privacy or let criminals run rampant.
Why It's Imperative to Bridge the IT & OT Cultural Divide
As industrial enterprises face the disruptive forces of an increasingly connected world, these two cultures must learn to coexist.
4 Security Lessons Federal IT Pros Can Teach the Private Sector
With a little research and basic planning, small companies can make big strides against the cybersecurity threats they face. Here's how.
It's Time to Improve Website Identity Indicators, Not Remove Them
Why Google and Mozilla are wrong about the benefits of Extended Validation certificates that aim to prevent fraud and protect user privacy.
Report: 2020 Presidential Campaigns Still Vulnerable to Web Attacks
Nine out of 12 Democratic candidates have yet to enable DNSSEC, a simple set of extensions that stops most targeted domain-based attacks.
The AI (R)evolution: Why Humans Will Always Have a Place in the SOC
In cybersecurity, the combination of men, women and machines can do what neither can do alone -- form a complementary team capable of upholding order and fighting the forces of evil.
Keeping Too Many Cooks out of the Security Kitchen
A good security team helps the business help itself operate more securely -- soliciting input while adhering to a unified strategy, vision, goals, and priorities.
SOC Puppet: Dark Reading Caption Contest Winners
Social engineering, SOC analysts, and Sock puns. And the winners are:
Smart Prevention: How Every Enterprise Can Create Human Firewalls
Organizations of all sizes should include both human firewalls and virtual tools in their cybersecurity budgets.
How to Think Like a Hacker
In the arms race of computer security, it's never been more important to develop an adversarial mindset that can identify assumptions and determine if and how they can be violated.
Virginia a Hot Spot For Cybersecurity Jobs
State has highest number of people in information security roles and the most current job openings, Comparitech study finds.
A Realistic Threat Model for the Masses
For many people, overly restrictive advice about passwords and other security practices is doing more harm than good. Here's why.
Utilities' Operational Networks Continue to Be Vulnerable
More than half of utilities have suffered an outage or data loss in the last 12 months, but only a minority of organizations seem ready for an attack that could affect operations, a survey finds.
Lack of Role Models, Burnout & Pay Disparity Hold Women Back
New ISACA data emphasizes a gap between men and women who share their opinions on underrepresentation of women and equal pay in the tech industry.
'Father of Identity Theft' Convicted on 13 Federal Counts
James Jackson, a 58-year-old Memphis resident, used the identities of deceased individuals to steal money from banks and the estates of the dead.
Navigating Your First Month as a New CISO
The single most important thing you can do is to start building the relationships and political capital you'll need to run your security program. Here's how.
|
Latest Comment: Oh, Bill? He's kind of old-school, but one of our best Cloud developers.
The Year in Security: 2019This Tech Digest provides a wrap up and overview of the year's top cybersecurity news stories. It was a year of new twists on old threats, with fears of another WannaCry-type worm and of a possible botnet army of Wi-Fi routers. But 2019 also underscored the risk of firmware and trusted security tools harboring dangerous holes that cybercriminals and nation-state hackers could readily abuse. Read more.
How Enterprises are Attacking the Cybersecurity Problem
Organizations have invested in a sweeping array of security technologies to address challenges associated with the growing number of cybersecurity attacks. However, the complexity involved in managing these technologies is emerging as a major problem. Read this report to find out what your peers biggest security challenges are and the technologies they are using to address them.
Tweet This
7 Comments
