Dark Reading is part of the Informa Tech Division of Informa PLC
This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
|
MITRE Shield Matrix Highlights Deception & Concealment Technology
The role that these technologies play in the MITRE Shield matrix is a clear indicator that they are an essential part of today's security landscape.
5 Human Factors That Affect Secure Software Development
With the move to remote work, it's especially important to understand how to support, discourage, and monitor conditions for development teams.
Microsoft's Kubernetes Threat Matrix: Here's What's Missing
With a fuller picture of the Kubernetes threat matrix, security teams can begin to implement mitigation strategies to protect their cluster from threats.
A Pause to Address 'Ethical Debt' of Facial Recognition
Ethical use will require some combination of consistent reporting, regulation, corporate responsibility, and adversarial technology.
To Err Is Human: Misconfigurations & Employee Neglect Are a Fact of Life
The cyber kill chain is only as strong as its weakest link, so organizations should reinforce that link with a properly equipped dedicated security team.
Implementing Proactive Cyber Controls in OT: Myths vs. Reality
Debunking the myths surrounding the implementation of proactive cyber controls in operational technology.
Dealing With Insider Threats in the Age of COVID
Dangerous gray areas like new BYOD policies and shadow IT devices have increased, thanks to the rapid shift to remote working.
Are You One COVID-19 Test Away From a Cybersecurity Disaster?
One cybersecurity failure can result in a successful ransomware attack or data breach that could cause tremendous damage. There's no need to panic, but neither is there time to ignore the issue.
Modern Day Insider Threat: Network Bugs That Are Stealing Your Data
Attacks involving an unmanaged device and no malware expose gaps in cybersecurity that must be addressed.
The Cybersecurity Maturity Model Certification: Are You in Compliance?
Not only can this framework help companies remain solvent, but it will also protect critical information from getting into the wrong hands.
Building the Human Firewall
Cybersecurity was a challenge before COVID-19 sent millions of employees home to work from their own devices and networks. Now what?
Trickbot, Phishing, Ransomware & Elections
The botnet has taken some hits lately, but that doesn't mean the threat is over. Here are some steps you can take to keep it from your door.
A New Risk Vector: The Enterprise of Things
Billions of devices -- including security cameras, smart TVs, and manufacturing equipment -- are largely unmanaged and increase an organization's risk.
Cybercrime Losses Up 50%, Exceeding $1.8B
Fewer companies are being hit by cyber incidents, but those that do get hit are hit harder and more often.
Overcoming the Challenge of Shorter Certificate Lifespans
We could be in the middle of a major transition to shorter and shorter certificate life spans, which has significant implications for how IT organizations manage certificates across the enterprise.
The Ruthless Cyber Chaos of Business Recovery
Critical technology initiatives leveraging the best of technology solutions are the only way through the cyber chaos of 2020.
Assuring Business Continuity by Reducing Malware Dwell Time
Here's how CISOs and IT security operations teams can best address key challenges to network monitoring that could increase malware dwell time.
NIST Quantum Cryptography Program Nears Completion
The National Institute of Standards and Technology's first post-quantum cryptography standard will address key issues, approaches, an arms race, and the technology's uncertain future.
Where Are the 'Great Exits' in the Data Security Market?
If data security were a student, its report card would read "Not performing to potential." Here's why.
Trickbot Botnet Response Highlights Partnerships Preventing US Election Interference
Recent efforts by USCYBERCOM and Microsoft to disrupt the Trickbot botnet highlight the importance of partnerships in successful malware botnet disruption.
Online Voting Is Coming, but How Secure Will It Be?
It's time for state governments to act as leaders, adopt digital ID standards, enable new online voting systems, and provide broad-based access to all communities for the benefit of all.
Security Officers, Are Your Employees Practicing Good Habits from Home?
Even if you can't see your employees in the office, they still need to be reminded that criminals are always trying to spot a weak link in the chain.
Why MSPs Are Hacker Targets, and What To Do About It
Managed service providers are increasingly becoming the launching pad of choice for ransomware and other online malfeasance.
Scale Up Threat Hunting to Skill Up Analysts
Security operation centers need to move beyond the simplicity of good and bad software to having levels of "badness," as well as better defining what is good. Here's why.
Key Considerations & Best Practices for Establishing a Secure Remote Workforce
Cybersecurity is challenging but not paralyzing, and now is the moment to educate our employees to overcome these challenges.
The New War Room: Cybersecurity in the Modern Era
The introduction of the virtual war room is a new but necessary shift. To ensure its success, security teams must implement new systems and a new approach to cybersecurity.
What the Sci-Fi Hit Altered Carbon Teaches Us About Virtualization Security
The Netflix show may be fantastical, but it has real-world lessons about virtualization.
Verizon Payment Security Report is a Wake-up Call: Time to Refocus on PCI DSS Compliance
Too many organizations fail to enact the baseline payment security controls, according to the Verizon 2020 Payment Security Report.
10 Years Since Stuxnet: Is Your Operational Technology Safe?
The destructive worm may have debuted a decade ago, but Stuxnet is still making its presence known. Here are steps you can take to stay safer from similar attacks.
Do's and Don'ts for School Cybersecurity Awareness
Remote learning has introduced an array of new cyberthreats to American families and schools, but this can be an educational moment for all involved.
3 Ways Data Breaches Accelerate the Fraud Supply Chain
The battle's just beginning as bad actors glean more personal information from victims and use that data to launch larger attacks.
Truncated URLs Look to Make Big Dent in Phishing
The approach is a long time in coming and will test the premise that users can more easily detect a suspicious domain from the name alone.
'It Won't Happen to Me': Employee Apathy Prevails Despite Greater Cybersecurity Awareness
To protect your organization from all emerging file-borne threats, the security and leadership teams must align to develop a streamlined approach to file security.
Cryptojacking: The Unseen Threat
Mining malware ebbs and flows with the price of cryptocurrencies, and given the momentum on price is upward, cryptojacking is a very present threat.
IDaaS: A New Era of Cloud Identity
As identity-as-a-service becomes the standard for enterprise identity management, upstarts and established competitors are competing to define the market's future. Participate in Omdia's IDaaS research.
COVID-19 Creates Opening for OT Security Reform
Operations technology was once considered low risk, at least until the virus came along and re-arranged the threat landscape.
Attacker Dwell Time: Ransomware's Most Important Metric
How to bolster security defenses by zeroing in on the length of time an interloper remains undetected inside your network.
Shifting Left of Left: Why Secure Code Isn't Always Quality Code
Enabling engineers to share responsibility for security and empowering them to erase common vulnerabilities are good starting points.
The Shared Irresponsibility Model in the Cloud Is Putting You at Risk
Step up, put the architecture and organization in place, and take responsibility. If you don't, who will?
Safeguarding Schools Against RDP-Based Ransomware
How getting online learning right today will protect schools, and the communities they serve, for years to come.
WannaCry Has IoT in Its Crosshairs
The wide variety of devices attached to the Internet of Things offers a rich target for purveyors of ransomware.
Solving the Problem With Security Standards
More explicit threat models can make security better and open the door to real and needed innovation.
Since Remote Work Isn't Going Away, Security Should Be the Focus
These three steps will help organizations reduce long-term work-from-home security risks.
My Journey Toward SAP Security
When applications are critical to the business's core functions, the CISO and their staff better get the security right.
7 Non-Technical Skills Threat Analysts Should Master to Keep Their Jobs
It's not just technical expertise and certifications that enable analysts to build long-term careers in cybersecurity.
New Google Search Hacks Push Viruses & Porn
Three incidents demonstrate how cybercriminals leverage the scourge of black-hat search engine optimization to manipulate search results.
Permission Management & the Goldilocks Conundrum
In today's COVID-19 era, managing access has become even more difficult, especially for large organizations. Here's how to get it "just right."
5 Steps to Greater Cyber Resiliency
Work from home isn't going away anytime soon, and the increased vulnerability means cyber resiliency will continue to be critical to business resiliency.
Mitigating Cyber-Risk While We're (Still) Working from Home
One click is all it takes for confidential information to land in the wrong hands. The good news is that there are plenty of ways to teach preventative cybersecurity to remote workers.
Time for CEOs to Stop Enabling China's Blatant IP Theft
Protecting intellectual property in the name of US economic and national security should be part of every company's fiduciary duty.
|
Special Report: Computing's New NormalThis special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
How IT Security Organizations are Attacking the Cybersecurity Problem
The COVID-19 pandemic turned the world -- and enterprise computing -- on end. Here's a look at how cybersecurity teams are retrenching their defense strategies, rebuilding their teams, and selecting new technologies to stop the oncoming rise of online attacks.
Tweet This
0 Comments
