Dark Reading is part of the Informa Tech Division of Informa PLC
This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
|
Quantifying Security Results to Justify Costs
The CISO job isn't to protect the entire business from all threats for any budget. It's to spell out what level of protection executives can expect for a given budget.
9 Ways Data Vampires Are Bleeding Your Sensitive Information
Pull a Van Helsing on those sucking the lifeblood from your data and intellectual property.
Email Threats Poised to Haunt Security Pros into Next Decade
Decentralized threat intel sharing, more public-private collaboration, and greater use of automated incident response are what's needed to combat phishing
Hacking Phones: How Law Enforcement Is Saving Privacy
It's no longer true that society must choose to either weaken everybody's privacy or let criminals run rampant.
Why It's Imperative to Bridge the IT & OT Cultural Divide
As industrial enterprises face the disruptive forces of an increasingly connected world, these two cultures must learn to coexist.
4 Security Lessons Federal IT Pros Can Teach the Private Sector
With a little research and basic planning, small companies can make big strides against the cybersecurity threats they face. Here's how.
It's Time to Improve Website Identity Indicators, Not Remove Them
Why Google and Mozilla are wrong about the benefits of Extended Validation certificates that aim to prevent fraud and protect user privacy.
Report: 2020 Presidential Campaigns Still Vulnerable to Web Attacks
Nine out of 12 Democratic candidates have yet to enable DNSSEC, a simple set of extensions that stops most targeted domain-based attacks.
The AI (R)evolution: Why Humans Will Always Have a Place in the SOC
In cybersecurity, the combination of men, women and machines can do what neither can do alone -- form a complementary team capable of upholding order and fighting the forces of evil.
Keeping Too Many Cooks out of the Security Kitchen
A good security team helps the business help itself operate more securely -- soliciting input while adhering to a unified strategy, vision, goals, and priorities.
SOC Puppet: Dark Reading Caption Contest Winners
Social engineering, SOC analysts, and Sock puns. And the winners are:
Smart Prevention: How Every Enterprise Can Create Human Firewalls
Organizations of all sizes should include both human firewalls and virtual tools in their cybersecurity budgets.
How to Think Like a Hacker
In the arms race of computer security, it's never been more important to develop an adversarial mindset that can identify assumptions and determine if and how they can be violated.
Virginia a Hot Spot For Cybersecurity Jobs
State has highest number of people in information security roles and the most current job openings, Comparitech study finds.
A Realistic Threat Model for the Masses
For many people, overly restrictive advice about passwords and other security practices is doing more harm than good. Here's why.
Utilities' Operational Networks Continue to Be Vulnerable
More than half of utilities have suffered an outage or data loss in the last 12 months, but only a minority of organizations seem ready for an attack that could affect operations, a survey finds.
Lack of Role Models, Burnout & Pay Disparity Hold Women Back
New ISACA data emphasizes a gap between men and women who share their opinions on underrepresentation of women and equal pay in the tech industry.
'Father of Identity Theft' Convicted on 13 Federal Counts
James Jackson, a 58-year-old Memphis resident, used the identities of deceased individuals to steal money from banks and the estates of the dead.
Navigating Your First Month as a New CISO
The single most important thing you can do is to start building the relationships and political capital you'll need to run your security program. Here's how.
|
Everything You Need to Know About DNS AttacksIt's important to understand DNS, potential attacks against it, and the tools and techniques required to defend DNS infrastructure. This report answers all the questions you were afraid to ask.
Domain Name Service (DNS) is a critical part of any organization's digital infrastructure, but it's also one of the least understood. DNS is designed to be invisible to business professionals, IT stakeholders, and many security professionals, but DNS's threat surface is large and widely targeted.
Attackers are causing a great deal of damage with an array of attacks such as denial of service, DNS cache poisoning, DNS hijackin, DNS tunneling, and DNS dangling. They are using DNS infrastructure to take control of inbound and outbound communications and preventing users from accessing the applications they are looking for. To stop attacks on DNS, security teams need to shore up the organization's security hygiene around DNS infrastructure, implement controls such as DNSSEC, and monitor DNS traffic
Incident Readiness and Building Response Playbook
In this special report, learn the Xs and Os of any good security incident readiness and response playbook.
Tweet This
1 Comments
