Dark Reading is part of the Informa Tech Division of Informa PLC
This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
|
8 Cybersecurity Myths Debunked
The last thing any business needs is a swarm of myths and misunderstandings seeding common and frequent errors organizations of all sizes make in safeguarding data and infrastructure.
For a Super Security Playbook, Take a Page from Football
Four key questions to consider as you plan out your next winning security strategy.
Yes, You Can Patch Stupid
Before you start calling users stupid, remember that behind every stupid user is a stupider security professional.
Open Source & Machine Learning: A Dynamic Duo
In recent months, machine-learning code has become readily available in the open source community, putting security analysts on a path toward easier data pattern recognition.
Remote Access & the Diminishing Security Perimeter
Where security really matters, the enterprise is only as secure as the endpoints it allows to access its sensitive core systems.
Creating a Security Culture & Solving the Human Problem
People are the biggest weakness to security breaches; people can also be your organization's biggest defense.
Why Privacy Is Hard Work
For Data Privacy Day, let's commit to a culture of privacy by design, nurtured by a knowledgeable team that can execute an effective operational compliance program.
3 Ways Companies Mess Up GDPR Compliance the Most
The best way to conform to the EU's new privacy regulation is to assume that you don't need to hold on to personal data, versus the opposite.
The 5 Stages of CISO Success, Past & Future
In cybersecurity, as in history, security leaders who forget the lessons of the past will be doomed to repeat them.
Collateral Damage: When Cyberwarfare Targets Civilian Data
You can call it collateral damage. You can call it trickledown cyberwarfare. Either way, foreign hacker armies are targeting civilian enterprises as a means of attacking rival government targets.
Why Cybersecurity Must Be a Top Priority for Small & Midsize Businesses
The big corporations may grab the headlines, but America's SMBs have the most to lose in the aftermath of a data breach.
The Evolution of SIEM
Expectations for these security information and event management systems have grown over the years, in ways that just aren't realistic.
Think Twice Before Paying a Ransom
Why stockpiling cryptocurrency or paying cybercriminals is not the best response.
The Fact and Fiction of Homomorphic Encryption
The approach's promise continues to entice cryptographers and academics. But don't expect it to help in the real world anytime soon.
How Cybercriminals Clean Their Dirty Money
By using a combination of new cryptocurrencies and peer-to-peer marketplaces, cybercriminals are laundering up to an estimated $200 billion in ill-gotten gains a year. And that's just the beginning.
Shadow IT, IaaS & the Security Imperative
Organizations must strengthen their security posture in cloud environments. That means considering five critical elements about their infrastructure, especially when it operates as an IaaS.
The Rx for HIPAA Compliance in the Cloud
For medical entities, simply following HIPAA cloud service provider guidelines is no longer enough to ensure that your practice is protected from cyber threats, government investigations, and fines.
The Security Perimeter Is Dead; Long Live the New Endpoint Perimeter
The network no longer provides an air gap against external threats, but access devices can take up the slack.
Simulating Lateral Attacks Through Email
A skilled attacker can get inside your company by abusing common email applications. Here are three strategies to block them.
How the US Chooses Which Zero-Day Vulnerabilities to Stockpile
When it comes to acceptable circumstances for government disclosure of zero-days, the new Vulnerabilities Equity Process might be the accountability practice security advocates have been waiting for.
Are You Listening to Your Kill Chain?
With the right tools and trained staff, any organization should be able to deal with threats before information is compromised.
Online Fraud: Now a Major Application Layer Security Problem
The explosion of consumer-facing online services and applications is making it easier and cheaper for cybercriminals to host malicious content and launch attacks.
Why Cyberattacks Are the No. 1 Risk
The paradigm shift toward always-on IT requires business leaders to rethink their defense strategy.
Advanced Phishing Scenarios You Will Most Likely Encounter This Year
In 2019, there will be no end in sight to email-driven cybercrime such as business email compromise, spearphishing, and ransomware.
Kudos to the Unsung Rock Stars of Security
It is great to have heroes, but the real security heroes are the men and women who keep the bad guys out while fighting their own organizations at the same time.
Election Security Isn't as Bad as People Think
Make no mistake, however: We'll always have to be on guard. And we can take some lessons from the world of industrial cybersecurity.
6 Best Practices for Managing an Online Educational Infrastructure
Universities must keep pace with rapidly changing technology to help thwart malicious hacking attempts and protect student information.
Cutting Through the Jargon of AI & ML: 5 Key Issues
Ask the tough questions before you invest in artificial intelligence and machine learning technology. The security of your enterprise depends on it.
Security at the Speed of DevOps: Maturity, Orchestration, and Detection
Container and microservices technologies, including the orchestrator Kubernetes, create an extraordinary opportunity to build infrastructure and applications that are secure by design.
Your Life Is the Attack Surface: The Risks of IoT
To protect yourself, you must know where you're vulnerable — and these tips can help.
Security Matters When It Comes to Mergers & Acquisitions
The recently disclosed Marriott breach exposed a frequently ignored issue in the M&A process.
Threat of a Remote Cyberattack on Today's Aircraft Is Real
We need more stringent controls and government action to prevent a catastrophic disaster.
Managing Security in Today's Compliance and Regulatory Environment
Instead of losing sight of the cybersecurity forest as we navigate the compliance trees, consolidate and simplify regulatory compliance efforts to keep your eyes on the security prize.
Taming the Digital Wild West
Congress must do more to encourage good Samaritan efforts in the cybersecurity community and make it easier for law enforcement to consistently collaborate with them.
Redefining Critical Infrastructure for the Age of Disinformation
In an era of tighter privacy laws, it's important to create an online environment that uses threat intelligence productively to defeat disinformation campaigns and bolster democracy.
25 Years Later: Looking Back at the First Great (Cyber) Bank Heist
The Citibank hack in 1994 marked a turning point for banking -- and cybercrime -- as we know it. What can we learn from looking back at the past 25 years?
|
Everything You Need to Know About DNS AttacksIt's important to understand DNS, potential attacks against it, and the tools and techniques required to defend DNS infrastructure. This report answers all the questions you were afraid to ask.
Domain Name Service (DNS) is a critical part of any organization's digital infrastructure, but it's also one of the least understood. DNS is designed to be invisible to business professionals, IT stakeholders, and many security professionals, but DNS's threat surface is large and widely targeted.
Attackers are causing a great deal of damage with an array of attacks such as denial of service, DNS cache poisoning, DNS hijackin, DNS tunneling, and DNS dangling. They are using DNS infrastructure to take control of inbound and outbound communications and preventing users from accessing the applications they are looking for. To stop attacks on DNS, security teams need to shore up the organization's security hygiene around DNS infrastructure, implement controls such as DNSSEC, and monitor DNS traffic
Incident Readiness and Building Response Playbook
In this special report, learn the Xs and Os of any good security incident readiness and response playbook.
Tweet This
1 Comments
