Dark Reading is part of the Informa Tech Division of Informa PLC
This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
|
Don't Slow Cybersecurity Spending: Steer into the Skid with a Tight Business Plan
We all know there are slippery conditions ahead, which is why it's never been more important for organizations to maintain and even increase their spending on cybersecurity.
3 Ways to Flatten the Health Data Hacking Curve
With more people working from home, health data security is more challenging but vitally important. These tips can help safeguard healthcare data.
Tall Order for Small Businesses: 3 Tips to Find Tailored Security Solutions
SMBs are responsible for nearly 44% of US economic activity, but given the current climate, it can be difficult for them to find available and/or affordable resources.
Good Cyber Hygiene in a Pandemic-Driven World Starts with Us
Three ways that security teams can improve processes and collaboration, all while creating the common ground needed to sustain them.
Contact Tracing & Threat Intel: Broken Tools & Processes
How epidemiology can solve the people problem in security.
Better Collaboration Between Security & Development
Security and development teams must make it clear why their segment of the development life cycle is relevant to the other teams in the pipeline.
Average Cost of a Data Breach: $116M
Sensitivity of customer information and time-to-detection determine financial blowback of cybersecurity breaches.
Rethinking Enterprise Access, Post-COVID-19
New approaches will allow businesses to reduce risk while meeting the needs of users, employees, and third parties. Here are three issues to consider when reimagining enterprise application access.
Back to Basics with Cloud Permissions Management
By using the AAA permissions management framework for cloud operations, organizations can address authentication, authorization, and auditing.
5 Steps for Implementing Multicloud Identity
Why embracing, not fighting, decentralization will pave the way to smoother cloud migrations.
Long-Term Effects of COVID-19 on the Cybersecurity Industry
The maelstrom of change we're going through presents a unique opportunity to become enablers. And to do that requires flexibility.
'New Normal' Caption Contest Winners
Competitors submitted lots of clever virus puns, and the prizes go to ...
The Bigger the News, the Bigger the Cyber Threats
Criminals use disasters, wars, and now pandemics as air cover to focus collective anxiety and fear into highly targeted, malicious messaging.
CISO Dialogue: How to Optimize Your Security Budget
CISOs are never going to have all the finances they want. Hard choices must be made. The CISO of Amazon Prime Video discusses his approaches to a slimmed-down budget.
3 Things Wilderness Survival Can Teach Us About Email Security
It's a short hop from shows like 'Naked and Afraid' and 'Alone' to your email server and how you secure it
Too Big to Cyber Fail?
How systemic cyber-risk threatens US banks and financial services companies
Ransomware from Your Lawyer's Perspective
Three good reasons why your incident response team's first call after a data breach should be to outside counsel.
IoT Security Trends & Challenges in the Wake of COVID-19
The demand for Internet of Things security practices that protect sensitive medical equipment and data will double within the next five years. Here's why.
The Bright Side of the Dark Web
As the hitmen and fraudsters retreat, the Dark Web could become freedom's most important ally.
The Future Will Be Both Agile and Hardened
What COVID-19 has taught us about the digital revolution.
The Hitchhiker's Guide to Web App Pen Testing
Time on your hands and looking to learn about web apps? Here's a list to get you started.
What COVID-19 Teaches Us About Social Engineering
Unless we do something proactively, social engineering's impact is expected to keep getting worse as people's reliance on technology increases and as more of us are forced to work from home.
The Telehealth Attack Surface
Amid the surge in digital healthcare stemming from the coronavirus pandemic, security is taking a backseat to usability.
3 Ways the Pandemic Will Affect Enterprise Security in the Future
While CISOs have been focused on immediate threats, it's time to look ahead to what a post-COVID-19 future will look like.
Will Vote-by-App Ever Be Safe?
Even with strong security measures, Internet voting is still vulnerable to abuse from state-sponsored actors and malicious insiders.
CSO's Guide to 'Employee-First' Security Operations During COVID-19 & Beyond
As the work-at-home environment continues to inform new ways of doing business, it's important that security teams remain flexible and ready for change.
Safeguard Your Remote Workforce
DDoS attacks on VPN servers can not only bring remote work to a standstill but also cut off admins from accessing their systems. Here are three ways to stay safer.
The Privacy & Security Outlook for Businesses Post-COVID-19
Long-term business needs -- and the ethical implications that result -- don't simply go away just because we're navigating a global health crisis.
Strengthening Secure Information Sharing Through Technology & Standards
How data sharing, innovation, and regulatory standardization can make it easier for organizations to both contribute and consume critical threat intelligence.
Could Automation Kill the Security Analyst?
Five skills to ensure job security in the Age of Automation.
What Government Contractors Need to Know About NIST, DFARS Password Reqs
Organizations that fail to comply with these rules can get hit with backbreaking fines and class-action lawsuits.
Social Distancing for Healthcare's IoT Devices
Security pros need to double down around prevention of lateral movement by attackers, especially if IoT devices are connected to the network.
Risk Assessment & the Human Condition
Five lessons the coronavirus pandemic can teach security professionals to better assess, monitor, manage, and mitigate organizational risk.
Banking on Data Security in a Time of Insecurity
How banks can maintain security and data integrity in the middle of a pandemic.
How AI and Automation Can Help Bridge the Cybersecurity Talent Gap
Without the right tools and with not enough cybersecurity pros to fill the void, the talent gap will continue to widen.
|
The 10 Most Impactful Types of Vulnerabilities for Enterprises TodayManaging system vulnerabilities is one of the old est - and most frustrating - security challenges that enterprise defenders face. Every software application and hardware device ships with intrinsic flaws - flaws that, if critical enough, attackers can exploit from anywhere in the world. It's crucial that defenders take stock of what areas of the tech stack have the most emerging, and critical, vulnerabilities they must manage. It's not just zero day vulnerabilities. Consider that CISA's Known Exploited Vulnerabilities (KEV) catalog lists vulnerabilitlies in widely used applications that are "actively exploited," and most of them are flaws that were discovered several years ago and have been fixed. There are also emerging vulnerabilities in 5G networks, cloud infrastructure, Edge applications, and firmwares to consider.
Incident Readiness and Building Response Playbook
In this special report, learn the Xs and Os of any good security incident readiness and response playbook.
Tweet This
1 Comments
