Dark Reading is part of the Informa Tech Division of Informa PLC
This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
|
Who Says Brilliant Security Engineers Can't Be Amazing People Managers?
Don't let midcareer stagnation be an exit ramp from the cybersecurity industry. Use it as an opportunity to explore and to deepen your enthusiasm.
Stop Counting Vulnerabilities & Start Measuring Risk
When security teams report on real risk, executive teams can gain a much better understanding of the company's security posture.
Screen Sharing: Dark Reading Caption Contest Winners
It was a tough competition with more than 125 submissions, our largest field yet. And the winners are ...
Preventing Credential Theft: A Security Checklist for Boards
Board members pose a unique risk for business, but proper planning helps.
It’s Time to Change the Cybersecurity Conversation
The IT security industry needs more balance between disclosure of threats and discussion of defense practices – and greater sharing of ideas
3 Steps to Reduce Risk in Your Supply Chain
Many companies have very limited visibility into their vendors' security posture -- and some may have thousands of vendors. Here are steps that every company should take to lock down their supply chains.
Why Data Breach Stats Get It Wrong
It's not the size of the stolen data dump that is important. It's the window between the date of the breach and the date of discovery that represents the biggest threat.
A Checklist for Securing the Internet of Things
IoT devices promise endless benefits, but they also come with serious security issues. Use this checklist to make sure your company stays safe.
Advanced Analytics + Frictionless Security: What CISOS Need to Know
Advances in analytics technologies promise to make identity management smarter and more transparent to users. But the process is neither straightforward nor easy.
Why Patching Software Is Hard: Organizational Challenges
The Equifax breach shows how large companies can stumble when it comes to patching. Organizational problems can prevent best practices from being enforced.
Finding Your Appetite for Security Automation (and Why That's Important)
Yes, automation is becoming increasingly critical. But before you go all-in, determine the level that's right for your company.
Why Patching Software Is Hard: Technical Challenges
Huge companies like Equifax can stumble over basic technical issues. Here's why.
Security Training & Awareness: 3 Big Myths
The once-overwhelming consensus that security awareness programs are invaluable is increasingly up for debate.
How to Talk to the C-Suite about Malware Trends
There is no simple answer to the question 'Are we protected against the latest brand-name malware attack?' But there is a smart one.
What's Next after the SEC 'Insider Trading' Breach?
Last month's hack of the Securities and Exchange Commission may prove to be the most high-profile corporate gatekeeper attack to date. But it definitely won't be the last.
What's Next After HTTPS: A Fully Encrypted Web?
As the rate of HTTPS adoption grows faster by the day, it's only a matter of time before a majority of websites turn on SSL. Here's why.
Why Security Leaders Can't Afford to Be Just 'Left-Brained'
The left side of the brain is logical and linear; the right side, creative. You have to use both sides of the brain to connect to your audience in your business.
20 Questions to Ask Yourself before Giving a Security Conference Talk
As cybersecurity continues to become more of a mainstream concern, those of us who speak at industry events must learn how to truly connect with our audience.
Getting the Most Out of Cyber Threat Intelligence
How security practitioners can apply structured analysis and move from putting out fires to fighting the arsonists.
Ransomware Grabs Headlines but BEC May Be a Bigger Threat
With social media, gathering information has never been easier, making Business Email Compromise the land of milk and honey for cybercriminals.
New Dark Reading Conference Will Focus on Defense
The INsecurity Conference, Nov. 29-30 at the Gaylord National Harbor in Maryland is all about helping infosecurity pros mitigate threats -- from hot topics to basic hygiene.
How Systematic Lying Can Improve Your Security
No, you don't have to tell websites your mother's actual maiden name.
Unstructured Data: The Threat You Cannot See
Why security teams needs to take a cognitive approach to the increasing volumes of data flowing from sources they don't control.
Rise in Insider Threats Drives Shift to Training, Data-Level Security
As the value and volume of data grows, perimeter security is not enough to battle internal or external threats.
Private, Public, or Hybrid? Finding the Right Fit in a Bug Bounty Program
How can a bug bounty not be a bug bounty? There are several reasons. Here's why you need to understand the differences.
What Security Teams Need to Know about the NIAC Report
Which of the recommendations made by the NIAC working group will affect security teams the most, and how should they prepare?
Ransomware Will Target Backups: 4 Ways to Protect Your Data
Backups are the best way to take control of your defense against ransomware, but they need protecting as well.
DevOpsSec: A Big Step in Cloud Application Security
Why it's time for DevOps and security teams to bury the hatchet -- and not in each other's back.
5 IT Practices That Put Enterprises at Risk
No one solution will keep you 100% protected, but if you avoid these common missteps, you can shore up your security posture.
|
Everything You Need to Know About DNS AttacksIt's important to understand DNS, potential attacks against it, and the tools and techniques required to defend DNS infrastructure. This report answers all the questions you were afraid to ask.
Domain Name Service (DNS) is a critical part of any organization's digital infrastructure, but it's also one of the least understood. DNS is designed to be invisible to business professionals, IT stakeholders, and many security professionals, but DNS's threat surface is large and widely targeted.
Attackers are causing a great deal of damage with an array of attacks such as denial of service, DNS cache poisoning, DNS hijackin, DNS tunneling, and DNS dangling. They are using DNS infrastructure to take control of inbound and outbound communications and preventing users from accessing the applications they are looking for. To stop attacks on DNS, security teams need to shore up the organization's security hygiene around DNS infrastructure, implement controls such as DNSSEC, and monitor DNS traffic
Incident Readiness and Building Response Playbook
In this special report, learn the Xs and Os of any good security incident readiness and response playbook.
Tweet This
1 Comments
