Dark Reading is part of the Informa Tech Division of Informa PLC
This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
|
Vulnerability Prioritization: Are You Getting It Right?
Developers must find a way to zero in on the security vulns that present the most risk and quickly address them without slowing down the pace of development.
IoT Security During COVID-19: What We've Learned & Where We're Going
Vigilance and ongoing training combined with an integrated security framework are key aspects of a successful strategy in the fight against the latest crop of pandemic opportunists.
Four Rules and Three Tools to Protect Against Fake SaaS Apps
Here's how to blunt the twinned forces of shadow IT and counterfeit apps and keep your data safe.
3 Tips For Better Security Across the Software Supply Chain
It may sound look intimidating, but with a few tweaks to tools and processes already in use, it's not hard to get a head start on improving security posture of the software supply chain.
3 Tips for Securing Open Source Software
Maintaining myriad open source components can be tough. Here's how teams can begin to address open source security and continue to innovate.
Why Confidential Computing Is a Game Changer
Confidential Computing is a transformational technology that should be part of every enterprise cloud deployment. It's time to start unlocking the possibilities together.
Retooling the SOC for a Post-COVID World
Residual work-from-home policies will require changes to security policies, procedures, and technologies.
Securing IoT as a Remote Workforce Strategy
Digital transformation with Internet of Things devices offers organizations a way forward in the era of COVID-19. Optimizing this approach for the future will need to start with security.
Omdia Cybersecurity Accelerator Analysts to Take Part in Black Hat USA 2020
Analysts will participate in the Black Hat Briefings, taking place Aug. 4-6, discussing cybersecurity research, offering exclusive video presentations, and meeting with vendors and attendees.
A Patriotic Solution to the Cybersecurity Skills Shortage
Why now is the right time for the security industry to invest in the human capital that will make technology better, smarter, and safer.
3 Ways Social Distancing Can Strengthen Your Network
Security teams can learn a lot from the current pandemic to make modern hybrid business networks stronger and more resilient. Here's how.
5 Tips for Optimizing Your Company's Cyber-Crisis Preparedness
Cyber-incident response often addresses short-term needs, but we need to broaden the view of crisis management to be more forward-thinking.
Black Hat Virtually: An Important Time to Come Together as a Community
The significance of this year's event hasn't changed a whit. It's an opportunity to share what we've learned, and plan how to protect each other and the public for the remainder of the pandemic and beyond.
Using the Attack Cycle to Up Your Security Game
Like the universe, the attack surface is always expanding. Here's how to keep up and even get ahead.
Technical Challenges of IoT Cybersecurity in a Post-COVID-19 World
Effective management of vulnerabilities can be done only when information about supply chain dependencies is accurate and recent.
The Future's Biggest Cybercrime Threat May Already Be Here
Current attacks will continue to be refined, and what may seem a weakness now could turn out to be a disaster.
Autonomous IT: Less Reacting, More Securing
Keeping data secure requires a range of skills and perfect execution. AI makes that possible.
As Businesses Move to the Cloud, Cybercriminals Follow Close Behind
In the wake of COVID-19, data theft is by far the top tactic, followed by cryptomining and ransomware.
Pandemic Credential Stuffing: Cybersecurity's Ultimate Inside Job
How stolen credentials for services like Zoom and password reuse practices threaten to compromise other accounts and applications.
Banning TikTok Won't Solve Our Privacy Problems
Preventing the use of an apps based solely on its country of origin (no matter how hostile) is merely a Band-Aid that won't fully address all privacy and security concerns.
Data Privacy Challenges for California COVID-19 Contact Tracing Technology
Developers, governments, and regulators must work with the cybersecurity industry to apply rigorous standards to contact-tracing apps to make sure that the societal impact of COVID-19 doesn't extend into personal privacy.
Deepfakes & James Bond Research Project: Cool but Dangerous
Open source software for creating deepfakes is getting better and better, to the chagrin of researchers
Ripple20's Effects Will Impact IoT Cybersecurity for Years to Come
A series of newly discovered TCP/IP software vulnerabilities pose a threat to millions of IoT devices. Undiscovered since the early 1990s, they highlight the need to improve security in an increasingly precarious IoT supply chain.
The InfoSec Barrier to AI
Information security challenges are proving to be a huge barrier for the artificial intelligence ecosystem. Conversely, AI is causing headaches for CISOs. Here's why.
Cybersecurity Lessons from the Pandemic
How does cybersecurity support business and society? The pandemic shows us.
The Data Privacy Loophole Federal Agencies Are Still Missing
Why knowledge-based authentication is leaving federal contact centers vulnerable to an increasingly sophisticated hacker community.
Leading Through Uncertainty: Be Proactive in Your Dark Web Intelligence Strategy
Having a strong Dark Web intelligence posture helps security teams understand emerging vulnerability trends.
UK Data Privacy Legislation Cannot Be Bypassed to Limit Spread of COVID-19
The UK faces GDPR data privacy challenges regarding its COVID-19 "Test and Trace" program. Despite the importance of contact tracing, its intent to ignore privacy legislation is extremely worrying.
What Organizations Need to Know About IoT Supply Chain Risk
Here are some factors organizations should consider as they look to limit the risk posed by risks like Ripple20.
Cybersecurity Leaders: Invest In Your People
Training, especially cross-training, is insanely powerful when team members are able to experience, train, and work together. It also builds trust.
Third-Party IoT Vulnerabilities: We Need a Cybersecurity Paradigm Shift
The only entities equipped to safeguard Internet of Things devices against risks are the IoT device manufacturers themselves.
How Nanotechnology Will Disrupt Cybersecurity
Tangible solutions related to cryptography, intelligent threat detection and consumer security are closer than you think.
Top 5 Questions (and Answers) About GRC Technology
For the first time in a long time, we must shift from managing localized risks against a landscape of economic growth to managing those issues under much less certain circumstances.
'Make Your Bed' and Other Life Lessons for Security
Follow this advice from a famous military commanders' commencement speech and watch your infosec team soar.
Crypto-Primer: Encryption Basics Every Security Pro Should Know
With so many choices for encrypting data and communication, it's important to know the pros and cons of different techniques.
Decoding the Verizon DBIR Report: An Insider's Look Beyond the Headlines
To truly understand cybersecurity trends, we must look beyond the headlines and ask more of the data. What you learn might surprise you.
4 Security Tips as the July 15 Tax-Day Extension Draws Near
We're continuing to see cybercriminals take advantage of COVID-19, and the extension of Tax Day will be the next technique used in their sophisticated method of attacks.
Omdia Research Launches Page on Dark Reading
Data and insight from a leading cybersecurity research and analysis team will broaden the information available to security professionals and technology vendors.
Fight Phishing with Intention
Phishing exercises have become a staple, but it helps to be as clear as possible on exactly why you're doing them.
Pen Testing ROI: How to Communicate the Value of Security Testing
There are many reasons to pen test, but the financial reasons tend to get ignored.
Fresh Options for Fighting Fraud in Financial Services
Fraud prevention requires a consumer-centric, data sharing approach.
Why Cybersecurity's Silence Matters to Black Lives
The industry is missing an opportunity to educate the public about bad actors who capitalize off of protest, voting rights education and police brutality petitions through social engineering and phishing attacks.
Framing the Security Story: The Simplest Threats Are the Most Dangerous
Don't be distracted by flashy advanced attacks and ignore the more mundane ones.
Applying the 80-20 Rule to Cybersecurity
How security teams can achieve 80% of the benefit for 20% of the work.
How to Assess More Sophisticated IoT Threats
Securing the Internet of Things requires diligence in secure development and hardware design throughout the product life cycle, as well as resilience testing and system component analysis.
Introducing 'Secure Access Service Edge'
The industry's latest buzzword is largely a repackaging exercise that bundles a collection of capabilities together and offers them as a cloud-delivered service.
Considerations for Seamless CCPA Compliance
Three steps to better serve consumers, ensure maximum security, and achieve compliance with the California Consumer Privacy Act.
Lessons from COVID-19 Cyberattacks: Where Do We Go Next?
We need to learn from the attacks and attempts that have occurred in order to prepare for the future.
4 Steps to a More Mature Identity Program
Security has evolved to evaluate an identity's attributes, access, and behavior to determine appropriate access.
Another COVID-19 Side Effect: Rising Nation-State Cyber Activity
While financial institutions and government remain popular targets, COVID-19 research organizations are now also in the crosshairs.
|
Latest Comment: The superior method of sandboxing called "sandcastling" involves having the user detonate the malware.
Special Report: Computing's New Normal, a Dark Reading PerspectiveThis special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
The Changing Face of Threat Intelligence
This special report takes a look at how enterprises are using threat intelligence, as well as emerging best practices for integrating threat intel into security operations and incident response. Download it today!
Tweet This
17 Comments
