Dark Reading is part of the Informa Tech Division of Informa PLC
This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
|
Healthcare Is Ignoring Cyber Risk Intel, Academia Even Worse
Healthcare and other sectors are indolently ignoring the process of gathering and using high-level intelligence to focus cyber defenses. Here’s proof.
Hacking Back: Two Wrongs Don’t Make A Right
Here’s the critical issue: Do you want to risk engaging your company in an ego-fueled war of revenge, or do you want to cut the bad guys off at the pass?
Cyber Hunting: 5 Tips To Bag Your Prey
Knowing the lay of the land and where attackers hide is a key element in hunting, both in nature and in the cyber realm.
The Internet Of Bring-Your-Own Things
Devices and interconnected systems are finding a foothold not only in our homes but in mainstream organizations. Here are three tips to mitigate the risk.
Educating The Cyberwarriors Of The Future
If I have to choose between hiring a university-educated CompSci grad or an IT specialist strong in sysadmin, networking or programming, I will pick the IT specialist every time.
Context: Finding The Story Inside Your Security Operations Program
What’s missing in today’s chaotic, alert-driven incident response queue is the idea of a narrative that provides a detailed understanding of how an attack actually unfolds.
The Clinton Email Kerfuffle & Shadow IT
For security pros the issue is not government transparency. It's the fact that users, regardless of seniority, will always pick convenience over security.
Risky Business: Why Monitoring Vulnerability Data Is Never Enough
Keeping tabs on open source code used in your organization’s applications and infrastructure is daunting, especially if you are relying solely on manual methods.
The Bot Threat For the Rest of Us: Application-Layer Attacks
Bots are getting craftier by the day so you may not even know you have a problem.
The End of Pen Testing As We Know It?
It's time to expand the scope of penetration tests beyond the periphery of the enterprise network.
Dark Reading Radio: Security Pros At Risk Of Being Criminalized
ICYMI: Check out Dark Reading Radio's recent broadcast and discussion about the pitfalls of new government efforts to fight bad hackers that could ultimately hurt the good guys.
7 Deadly Sins Of Security Policy Change Management
Mitigating these deadly sins requires process, visibility and automation. It’s an effort that will improve security and increase business agility.
Has Security Ops Outlived Its Purpose?
CISOs will need more than higher headcounts and better automation tools to solve today's security problems.
Deconstructing Threat Models: 3 Tips
There is no one-size-fits-all approach for creating cyber threat models. Just be flexible and keep your eye on the who, what, why, how and when.
6 Ways The Sony Hack Changes Everything
Security in a post-Sony world means that a company's very survival in the wake of a cyber attack is more of a concern than ever before.
5 Things CISOs Can Learn From The Best GMs In Baseball
A MLB team has many goals and objectives: to win, be profitable, have a solid strategy and understand the people whom they serve. Sound familiar?
Second Look: Data Security In A Hybrid Cloud
Today’s big cloud providers were built around an architecture for hosting and securing data. They will continue to thrive, only by keeping your workloads safe.
Does Hollywood Have The Answer To The Security Skills Question?
The Oscar-winning biopic about famed WWII cryptanalyst Alan Turing -- the father of modern computing -- was long overdue. But a lot more needs to be done to inspire the next generation of computer scientists.
Which Apps Should You Secure First? Wrong Question.
Instead, develop security instrumentation capability and stop wasting time on '4 terrible tactics' that focus on the trivial.
A ‘Building Code’ For Internet of Things Security, Privacy
In the fast-emerging IoT, medical device safety is reaching a critical juncture. Here are three challenges InfoSec professionals should begin to think about now.
Compliance & Security: A Race To The Bottom?
Compliance is meaningless if organizations don’t use it as a starting point to understand and mitigate risks within their environment.
Why Security Awareness Alone Won’t Stop Hackers
End-user training is a noble pursuit but it’s no defense against “low and slow” attacks that take months and years to carry out.
Dark Reading Offers Cyber Security Crash Course At Interop 2015
New, one-day event offers a way for IT pros to quickly catch up with the latest threats and defenses in information security.
|
Everything You Need to Know About DNS AttacksIt's important to understand DNS, potential attacks against it, and the tools and techniques required to defend DNS infrastructure. This report answers all the questions you were afraid to ask.
Domain Name Service (DNS) is a critical part of any organization's digital infrastructure, but it's also one of the least understood. DNS is designed to be invisible to business professionals, IT stakeholders, and many security professionals, but DNS's threat surface is large and widely targeted.
Attackers are causing a great deal of damage with an array of attacks such as denial of service, DNS cache poisoning, DNS hijackin, DNS tunneling, and DNS dangling. They are using DNS infrastructure to take control of inbound and outbound communications and preventing users from accessing the applications they are looking for. To stop attacks on DNS, security teams need to shore up the organization's security hygiene around DNS infrastructure, implement controls such as DNSSEC, and monitor DNS traffic
Incident Readiness and Building Response Playbook
In this special report, learn the Xs and Os of any good security incident readiness and response playbook.
Tweet This
1 Comments
