Dark Reading is part of the Informa Tech Division of Informa PLC
This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
|
10 Women in Security You May Not Know But Should
The first in a series of articles shining a spotlight on women who are quietly changing the game in cybersecurity.
How Measuring Security for Risk & ROI Can Empower CISOs
For the vast majority of business decisions, organizations seek metrics-driven proof. Why is cybersecurity the exception?
Automating Ethics for Cybersecurity
Having a code of ethics and enforcing it are two different things.
UVA Defeats UMBC, in Stunning Upset
In first trip to Mid-Atlantic Collegiate Cyber Defense Competition, University of Virginia's Cyber Defense Team defeats reigning national champs from University of Maryland, Baltimore County.
780 Days in the Life of a Computer Worm
This is a story of a worm, from the time it was coded and deployed onto the Internet. It is narrated by the worm in the first person.
SOC in Translation: 4 Common Phrases & Why They Raise Flags
By keeping an ear out for out for catchphrases like "Just ask Stu" or "I've got a bad feeling about this," CISOs can overcome the barriers that get between business leaders and their security teams.
Facebook CISO Stamos to Depart from the Social Media Firm: Report
Stamos will remain in his position through August, according to a report in The New York Times.
Who Does What in Cybersecurity at the C-Level
As security evolve as a corporate priority, so do the roles and responsibilities of the executive team. These seven titles are already feeling the impact.
Online Ads vs. Security: An Invisible War
Why visiting one website is like visiting 50, and how you can fight back against malvertisers.
(ISC)2 Report: Glaring Disparity in Diversity for US Cybersecurity
While the average US security salary is $122,000, the average salary for people of color is $115,000, with men identifying as minorities making $6000 more than minority women.
A Secure Enterprise Starts with a Cyber-Aware Staff
An attack doesn't have to be super high-tech to cause a lot of damage. Make sure your employees know how to spot an old-fashioned phishing campaign.
What CISOs Should Know About Quantum Computing
As quantum computing approaches real-world viability, it also poses a huge threat to today's encryption measures.
Disappearing Act: Dark Reading Caption Contest Winners
A standout field with hysterical puns about security policies, Meltdown, Amazon Web Services, and the right to be forgotten. And the winner is …
DevSecOps: The Importance of Building Security from the Beginning
Here are four important areas to tackle in order to master DevSecOps: code, privacy, predictability, and people.
7 University-Connected Cyber Ranges to Know Now
Universities are beginning to add cyber ranges to the facilities for teaching cyber security to students and professionals.
Privilege Abuse Attacks: 4 Common Scenarios
It doesn't matter if the threat comes from a disgruntled ex-employee or an insider anticipating financial gain, privilege abuse patterns are pretty much the same, and they're easy to avoid.
Pragmatic Security: 20 Signs You Are 'Boiling the Ocean'
Ocean-boiling is responsible for most of the draconian, nonproductive security policies I've witnessed over the course of my career. Here's why they don't work.
Hacking Back & the Digital Wild West
Far from helping organizations defend themselves, hacking back will escalate an already chaotic situation.
|
The 10 Most Impactful Types of Vulnerabilities for Enterprises TodayManaging system vulnerabilities is one of the old est - and most frustrating - security challenges that enterprise defenders face. Every software application and hardware device ships with intrinsic flaws - flaws that, if critical enough, attackers can exploit from anywhere in the world. It's crucial that defenders take stock of what areas of the tech stack have the most emerging, and critical, vulnerabilities they must manage. It's not just zero day vulnerabilities. Consider that CISA's Known Exploited Vulnerabilities (KEV) catalog lists vulnerabilitlies in widely used applications that are "actively exploited," and most of them are flaws that were discovered several years ago and have been fixed. There are also emerging vulnerabilities in 5G networks, cloud infrastructure, Edge applications, and firmwares to consider.
Incident Readiness and Building Response Playbook
In this special report, learn the Xs and Os of any good security incident readiness and response playbook.
Tweet This
1 Comments
