Dark Reading is part of the Informa Tech Division of Informa PLC
This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
|
DDoS Attack! Is Regulation The Answer?
Four security experts weigh in on why there’s been little progress in combating DDoS attacks and how companies can start fighting back.
Compliance Is Not Hard
Compliance requires a new set of healthy habits and the self-discipline to make those habits stick
Lessons Learned From The Target Breach
The time is ripe for organizations to take a long, hard look at how they manage employee access and secure sensitive data in cloud environments
How I Secure My Personal Cloud
As global cloud traffic grows exponentially, IT pros face the daunting task of securing their personal cloud, data, and workloads.
Solving The Security Workforce Shortage
To solve the skills shortage, the industry will need to attract a wider group of people and create an entirely new sort of security professional
Boutique Malware & Hackers For Hire
Heads up! Small groups of cyber-mercenaries are now conducting targeted hit-and-run attacks for anyone willing to pay the price.
Securing Data In 4 (Relatively) Easy Steps
The key to success in information security is finding the 'right' information in all the data you aim to protect.
'Connect': A Modern Approach To Mobile, Cloud Identity
A new protocol from the OpenID Foundation promises enterprises federated single sign-on that can scale.
The Snowden Effect: Who Controls My Data?
In today’s post-NSA-spying world, the key to providing trustworthy digital services to customers is control coupled with transparency.
Data Security Dos & Don’ts From The Target Breach
The holidays brought attacks on the retail industry. If you aren’t in retail, your industry could be next.
3 Web Security Takeaways From Wikipedia's Near Miss
Even the most useful and benevolent websites have the potential to host malware.
Healthcare Information Security: Still No Respect
More than a decade after publication of HIPAA’s security rule, healthcare information security officers still struggle to be heard.
Data Breach Notifications: Time For Tough Love
Target and Neiman Marcus came clean quickly about their data breaches, but most business don't. It's time for standards -- and fines.
The 7 Deadly Sins of Application Security
How can two organizations with the exact same app security program have such wildly different outcomes over time? The reason is corporate culture.
The Problem With Two-Factor Authentication
The failure of corporate security strategies to protect personal identity information from hackers resides more with system architecture than with authentication technology. Here's why.
Infographic: Mobile Security Run Amok
Where is your organization in the battle over mobile device management and security?
|
The 10 Most Impactful Types of Vulnerabilities for Enterprises TodayManaging system vulnerabilities is one of the old est - and most frustrating - security challenges that enterprise defenders face. Every software application and hardware device ships with intrinsic flaws - flaws that, if critical enough, attackers can exploit from anywhere in the world. It's crucial that defenders take stock of what areas of the tech stack have the most emerging, and critical, vulnerabilities they must manage. It's not just zero day vulnerabilities. Consider that CISA's Known Exploited Vulnerabilities (KEV) catalog lists vulnerabilitlies in widely used applications that are "actively exploited," and most of them are flaws that were discovered several years ago and have been fixed. There are also emerging vulnerabilities in 5G networks, cloud infrastructure, Edge applications, and firmwares to consider.
Incident Readiness and Building Response Playbook
In this special report, learn the Xs and Os of any good security incident readiness and response playbook.
Tweet This
1 Comments
