Dark Reading is part of the Informa Tech Division of Informa PLC
This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
|
Hacking the Security Job Application Process
Simple advice to help job seekers dig out of the black hole of recruiter and employer hiring portals.
FTC to Issue Refunds Following Tech Support Scam
The Federal Trade Commision will issue partial refunds to victims of a scheme that deceived hundreds of thousands of people.
New York's Historic FinSec Regulation Covers DDoS, Not Just Data
Starting today, New York banks and insurers must report to authorities within 72 hours on any security event that has a 'reasonable likelihood' of causing material harm to normal operations.
A Call for New Voices on the Security Conference Circuit
If the mere idea of talking in public makes you want to hide in a bathroom stall with a stuffed bobcat, think again.
The Changing Face & Reach of Bug Bounties
HackerOne CEO Mårten Mickos reflects on the impact of vulnerability disclosure on today's security landscape and leadership.
Coming Soon to Dark Reading...
Event calendar: Dark Reading brings you threat intelligence tomorrow, boardroom communication next week, and coming in November, a brand new conference in the D.C. area.
14 Social Media-Savvy CISOs to Follow on Twitter
A roundup of some of the more social media-engaged security leaders to follow for updates on industry news, trends, and events.
Curbing the Cybersecurity Workforce Shortage with AI
By using cognitive technologies, an organization can address the talent shortage by getting more productivity from current employees and improving processes.
20 Tactical Questions SMB Security Teams Should Ask Themselves
Or why it pays for small- and medium-sized businesses to plan strategically but act tactically.
Cybersecurity's Ceiling
Security spending and staffing are rising, but restrained resources are tempering market growth.
What CISOs Need to Know about the Psychology behind Security Analysis
Bandwidth, boredom and cognitive bias are three weak spots that prevent analysts from identifying threats. Here's how to compensate.
What Women in Cybersecurity Really Think About Their Careers
New survey conducted by a female security pro of other female security pros dispels a few myths.
Why Cybersecurity Needs a Human in the Loop
It's no longer comparable to Kasparov versus Deep Blue. When security teams use AI, it's like Kasparov consulting with Deep Blue before deciding on his next move.
|
The 10 Most Impactful Types of Vulnerabilities for Enterprises TodayManaging system vulnerabilities is one of the old est - and most frustrating - security challenges that enterprise defenders face. Every software application and hardware device ships with intrinsic flaws - flaws that, if critical enough, attackers can exploit from anywhere in the world. It's crucial that defenders take stock of what areas of the tech stack have the most emerging, and critical, vulnerabilities they must manage. It's not just zero day vulnerabilities. Consider that CISA's Known Exploited Vulnerabilities (KEV) catalog lists vulnerabilitlies in widely used applications that are "actively exploited," and most of them are flaws that were discovered several years ago and have been fixed. There are also emerging vulnerabilities in 5G networks, cloud infrastructure, Edge applications, and firmwares to consider.
Incident Readiness and Building Response Playbook
In this special report, learn the Xs and Os of any good security incident readiness and response playbook.
Tweet This
1 Comments
