Dark Reading is part of the Informa Tech Division of Informa PLC
This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
|
4 Tips For Planning An Effective Security Budget
Security budgets start with managers assessing all of their resources and measuring the effectiveness of their security programs for strengths and weaknesses
8 Signs Your Security Culture Lacks Consistency
Organizations that practice what they preach and match their actions to their words do far better achieving their goals than those that do not. Here's why that matters.
Surviving InfoSec: Digital Crime And Emotional Grime
The never ending stream of threats, vulnerabilities, and potential attacks can take its toll on the typical security professional. Here’s how to fight back against the pressure.
Dark Reading Marks 10th Anniversary With Month Of Special Coverage
Looking back at the decade in security.
Be Prepared: How Proactivity Improves Cybersecurity Defense
These five strategies will help you achieve a state of readiness in a landscape of unpredictable risk.
SpyEye Creators Sentenced To Long Prison Terms
FBI found that arrest halted the release of nasty SpyEye 2.0.
Mea Culpa: Time To Build Security Into Connectivity
How those of us who spent decades developing faster, easier, and more scalable networking technology have made the lives of our security counterparts a living hell.
Security Lessons from C-3PO, Former CSO of the Millennium Falcon
The business will take risks. When and how to speak up.
Internal Pen-Testing: Not Just For Compliance Audits Anymore
How turning your internal penetration team into a 'Friendly Network Force' can identify and shut down the cracks in your security program.
Device Advice: Keeping Fraudsters From Consumer Info
Data breaches are the first stop for criminals with intentions to steal personally identifiable information. These tips show how to fight fraud while optimizing the customer experience.
9 Years Prison, $1.7 Million Fine For Malicious Insider
Former IT engineer stung for destructive attack on law firm.
10 Things Cyber Insurance Won't Cover
Cyber insurance policies come with some important caveats to keep in mind.
Securing the Weakest Link: Insiders
No longer is a hoodie-wearing malicious hacker the most obvious perpetrator of an inside cyber attack.
Managing The Message Before The Breach
No leader wants to see their company exploited by creative cyber villains. Here’s how CISOs can stay ahead of the game with a strategic plan.
How To Raise Your Salary In Cybersecurity
The hot skills most in demand today for jobs: threat intelligence, security software development, cloud, auditing, and big data analysis.
7 Profiles Of Highly Risky Insiders
To understand who these insiders are and why they pose a risk, start by looking at the root of the problem.
10 Cybersecurity Twitter Profiles To Watch
If you’re responsible for an information security program, check out these influencers to follow.
Top US Undergraduate Computer Science Programs Skip Cybersecurity Classes
New study reveals that none of the top 10 US university computer science and engineering program degrees requires students take a cybersecurity course.
7 Biggest Trends Bubbling Up For Interop
CISOs and security leaders will find security is top of mind at Interop, when risk management intersects with some of the biggest themes likely to come out of the show.
A Day In The Life Of A Security Analyst
'The network doesn't lie' and host detection systems are also key tools for the analyst.
Knowledge Gap Series: 3 Steps To Deal With The High Turnover In Your Security Department
Follow these suggestions to significantly decrease the probability that your organization is a future security headline.
Avoiding Legal Landmines in Data Breach Response
Building a legally defensible cybersecurity program means seeking out guidance from legal advisors before a serious incident forces you together.
|
The 10 Most Impactful Types of Vulnerabilities for Enterprises TodayManaging system vulnerabilities is one of the old est - and most frustrating - security challenges that enterprise defenders face. Every software application and hardware device ships with intrinsic flaws - flaws that, if critical enough, attackers can exploit from anywhere in the world. It's crucial that defenders take stock of what areas of the tech stack have the most emerging, and critical, vulnerabilities they must manage. It's not just zero day vulnerabilities. Consider that CISA's Known Exploited Vulnerabilities (KEV) catalog lists vulnerabilitlies in widely used applications that are "actively exploited," and most of them are flaws that were discovered several years ago and have been fixed. There are also emerging vulnerabilities in 5G networks, cloud infrastructure, Edge applications, and firmwares to consider.
Incident Readiness and Building Response Playbook
In this special report, learn the Xs and Os of any good security incident readiness and response playbook.
Tweet This
1 Comments
