Dark Reading is part of the Informa Tech Division of Informa PLC
This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
|
What Government Contractors Need to Know About NIST, DFARS Password Reqs
Organizations that fail to comply with these rules can get hit with backbreaking fines and class-action lawsuits.
Social Distancing for Healthcare's IoT Devices
Security pros need to double down around prevention of lateral movement by attackers, especially if IoT devices are connected to the network.
Risk Assessment & the Human Condition
Five lessons the coronavirus pandemic can teach security professionals to better assess, monitor, manage, and mitigate organizational risk.
Banking on Data Security in a Time of Insecurity
How banks can maintain security and data integrity in the middle of a pandemic.
How AI and Automation Can Help Bridge the Cybersecurity Talent Gap
Without the right tools and with not enough cybersecurity pros to fill the void, the talent gap will continue to widen.
Digital Distancing with Microsegmentation
Physical distancing has blunted a virus's impact; the same idea can be applied to computers and networks to minimize breaches, attacks, and infections.
3 SMB Cybersecurity Myths Debunked
Small and midsize businesses are better at cyber resilience than you might think.
How Elite Protectors Operationalize Security Protection
There is no silver bullet for cybersecurity. It takes the right people, with the right mindset, applying the right elements of good security from the data center to the SOC.
Standing Privilege: The Attacker's Advantage
The credential is a commodity and will continue to be breached. As a result, focus and spending must shift toward the access that the credentials provide.
What the World's Elite Protectors Teach Us about Cybersecurity
How to protect anyone and anything, from the perspective of a career Secret Service agent and former special operations marine.
Benefits of a Cloud-Based, Automated Cyber Range
A cyber range is an irreplaceable tool that allows cybersecurity professionals to improve their response capabilities as well as their ability to identify risks.
The Problem with Artificial Intelligence in Security
Any notion that AI is going to solve the cyber skills crisis is very wide of the mark. Here's why.
How an Industry Consortium Can Reinvent Security Solution Testing
By committing to independent testing to determine value, vendors will ensure that their products do what they say they do.
The Need for Compliance in a Post-COVID-19 World
With the current upheaval, business leaders may lose focus and push off implementing security measures, managing risk, and keeping up with compliance requirements. That's a big mistake.
Digital Transformation Risks in Front-end Code
Why making every front-end developer a DevSecOps expert will lead to a more holistic approach to web and native application security.
Is Zero Trust the Best Answer to the COVID-19 Lockdown?
Enterprises need to recognize that remote access and other pandemic-related security challenges cannot be fixed with buzzwords or silver-bullet security tools.
Long-Term Remote Work: Keeping Workers Productive & Secure
The pandemic has changed how we get work done. Now, data security must catch up.
Cybersecurity Extends Far Beyond Security Teams & Everyone Plays a Part
Security isn't about tools or technology; it's about establishing a broad, fundamental awareness and sense of responsibility among all employees.
The 3 Top Cybersecurity Myths & What You Should Know
With millions of employees now attempting to work from home, it's vital to challenge misconceptions about cybersecurity.
4 Challenges with Existing VPNs
A VPN is a step in the right direction, but it's not the be-all and end-all when it comes to security and falls short in many ways.
Compliance as a Way to Reduce the Risk of Insider Threats
Several key resources and controls can help reduce overall risk by providing guidance on proper control implementation, preventative measures to deploy, and an emphasis on organizationwide training.
Ensuring Business Continuity in Times of Crisis
Three basic but comprehensive steps can help you and your organization get through adversity
The Problem with Automating Data Privacy Technology
Managing complex and nuanced consumer rights requests presents a unique challenge for enterprises in today's regulated world of GDPR and CCPA. Here's why.
More Tips for Staying Safe While Working from Home
While some users are up to speed with the WFH protocol, it's worth adding a few more items to your security checklist.
The Modern SOC Demands New Skills
Automation and other technologies are improving the organizational structure of the security operations center. This is ultimately for the better, but it means that roles will change too.
Coronavirus, Data Privacy & the New Online Social Contract
How governments can protect personal privacy in contact tracing while saving peoples' lives
Rule of Thumb: USB Killers Pose Real Threat
They look just like a USB thumb drive, but instead of storing data, they can be used to destroy it and the device the data is saved on.
Why DevSecOps Is Critical for Containers and Kubernetes
DevSecOps is a big and sometimes difficult shift for organizations. The key to success? Take small steps.
Now More Than Ever? Securing the Software Life Cycle
The more things change, the more they stay the same. That's true for software security, even in these turbulent times.
Threat-Modeling Basics Using MITRE ATT&CK
When risk managers consider the role ATT&CK plays in the classic risk equation, they have to understand the role of threat modeling in building a complete risk scenario.
When Achieving Deadpool Status Is a Good Thing
It means attackers have been met with sufficient resistance that it's no longer worth their trouble and have moved on
Is CVSS the Right Standard for Prioritization?
More than 55% of open source vulnerabilities are rated high or critical. To truly understand a vulnerability and how it might affect an organization or product, we need much more than a number.
Malicious Use of AI Poses a Real Cybersecurity Threat
We should prepare for a future in which artificially intelligent cyberattacks become more common.
Designing Firmware Resilience for 3 Top Attack Vectors
Firmware has become an increasingly prevalent target for hackers. Here's how to stop them.
The Cybersecurity Hiring Conundrum: Youth vs. Experience
How working together across the spectrum of young to old makes our organizations more secure.
Industrial Networks' Newest Threat: Remote Users
We know remote working isn't going away anytime soon, so it's crucial we be extra vigilant about security for industrial networks and critical infrastructure.
Things Keeping CISOs Up at Night During the COVID-19 Pandemic
Insights from discussions with more than 20 CISOs, CEOs, CTOs, and security leaders.
The Rise of Deepfakes and What That Means for Identity Fraud
Convincing deepfakes are a real concern, but there are ways of fighting back.
7 Fraud Predictions in the Wake of the Coronavirus
It's theme and variations in the fraud world, and fraudsters love -- and thrive -- during chaos and confusion
4 Ways to Get to Defensive When Faced by an Advanced Attack
To hold your own against nation-state-grade attacks, you must think and act differently.
5 Big Lessons from the Work-from-Home SOC
Accustomed to working in the same room, security teams now must find ways to operate effectively in the new remote reality.
Increased Credential Threats in the Age of Uncertainty
Three things your company should do to protect credentials during the coronavirus pandemic.
What's Your Cybersecurity Architecture Integration Business Plan?
To get the most out of your enterprise cybersecurity products, they need to work together. But getting those products talking to each other isn't easy.
Cloud Services Are the New Critical Infrastructure. Can We Rely on Them?
If cloud services vendors successfully asked themselves these three questions, we'd all be better off.
COVID-19 Quarantine: A Unique Learning Opportunity for Defenders
Use these spare moments at home to master new skills that will help protect your organization and enhance your career.
Find Your Framework: Thinking Fast and Slow
Economist Daniel Kahneman's classic book has lessons for those in security, especially now.
Narrow the Scope of Compliance
Many organizations are doing more than they need regarding compliance.
How the Dark Web Fuels Insider Threats
New decentralized, criminal marketplaces and "as-a-service" offerings make it easy for employees to monetize their knowledge and access to enterprise networks and systems.
Resiliency: The Trait National Sporting Leagues Share with Security & IT Teams
During unprecedented times such as these, both businesses and professional sports are forced to go back to basics.
The Evolving Threat of Credential Stuffing
Bots' swerve to focus on APIs means businesses must take the threat seriously and take effective action.
|
Latest Comment: This comment is waiting for review by our moderators.
How Cybersecurity Incident Response Programs Work (and Why Some Don't)This Tech Digest takes a look at the vital role cybersecurity incident response (IR) plays in managing cyber-risk within organizations. Download the Tech Digest today to find out how well-planned IR programs can detect intrusions, contain breaches, and help an organization restore normal operations.
State of Endpoint Security: How Enterprises Are Managing Endpoint Security Threats
Download this report to find out what organizations are doing to secure their endpoints and to protect themselves against malware, hackers, and social engineering attacks.
Tweet This
15 Comments
