Dark Reading is part of the Informa Tech Division of Informa PLC
This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
|
Not Much To Learn From The Second Kick Of The Mule
Repeating compliance and security failures shows a lack of progress
FTC Sets Consumer Data Collection Limits
As Spokeo gets fined $800,000, FTC tries to enforce differences between consumer-reporting services and people-search services, which gather and sell large amounts of publicly accessible personal data.
Patching Goes Up In Flames
The Flame malware throws the integrity of patching into question, which creates quite a quandary for those trained to patch early and often. This represents a significant inflection point for security -- or does it?
Flame: Reading Between The Ones And Zeros
As more information about Flame is revealed, let's consider what we might infer from Flame's composition
Deduplication Performance: More Than Processing Power
Storage performance problems can't be solved by just throwing more processing power at them.
Logging Smarter, Not Just Harder
The problem is not just Big Data -- it's variable data. We attempt to find the answer in late-night commercials
Ironman And Captain America Fight Over Compliance
Defending your company requires both warriors and soldiers
Don't Blame Me, I'm Just An Employee
If you're looking for a cure for mishandling of sensitive data, then look no further than your own management team
LinkedIn: Making Insecure Connections
The recent breach of millions of LinkedIn passwords highlights an all-too-common issue
When Is A Breach Not A Breach?
Monitoring: It's not just for breaches anymore -- and actually it never was. Here are some of the other uses for security monitoring
The Truth Is Not Believable
Too many businesses don’t want to know about their compliance problems
Was U.S. Government's Stuxnet Brag A Mistake?
Some lawmakers accuse Obama administration of failing to manage its secrets, but Stuxnet now stands as a warning of America's cyber-warfare capabilities.
Systems Are Not Compliant; Organizations Are Compliant
IT cannot make your organization compliant
|
The 10 Most Impactful Types of Vulnerabilities for Enterprises TodayManaging system vulnerabilities is one of the old est - and most frustrating - security challenges that enterprise defenders face. Every software application and hardware device ships with intrinsic flaws - flaws that, if critical enough, attackers can exploit from anywhere in the world. It's crucial that defenders take stock of what areas of the tech stack have the most emerging, and critical, vulnerabilities they must manage. It's not just zero day vulnerabilities. Consider that CISA's Known Exploited Vulnerabilities (KEV) catalog lists vulnerabilitlies in widely used applications that are "actively exploited," and most of them are flaws that were discovered several years ago and have been fixed. There are also emerging vulnerabilities in 5G networks, cloud infrastructure, Edge applications, and firmwares to consider.
Incident Readiness and Building Response Playbook
In this special report, learn the Xs and Os of any good security incident readiness and response playbook.
Tweet This
1 Comments
