Dark Reading is part of the Informa Tech Division of Informa PLC
This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
|
A Father’s Perspective On The Gender Gap In Cybersecurity
There are multiple reasons for the dearth of women in infosec when the field is so rich with opportunity. The big question is what the industry is going to do about it.
The Unintended Attack Surface Of The Internet Of Things
How a vulnerability in a common consumer WiFi device is challenging today’s enterprise security.
Deconstructing The Challenges Of Software Assurance For Connected Cars
Ensuring software security in the auto industry will entail careful attention to all aspects of software development: design, coding standards, testing, verification and run-time assurance.
FTC v. Wyndham: ‘Naughty 9’ Security Fails to Avoid
The Federal Trade Commission’s fair trade suit against Wyndham hotels offers insight into the brave new world of cybersecurity regulation of consumer data.
4 IoT Cybersecurity Issues You Never Thought About
Government, industry and security professionals problem-solve the daunting challenges of the Internet of Things.
Shellshock’s Cumulative Risk One Year Later
How long does it take to patch an entire distribution and bring it up to date? Longer than you think.
The Common Core Of Application Security
Why you will never succeed by teaching to the test.
Why It’s Insane To Trust Static Analysis
If you care about achieving application security at scale, then your highest priority should be to move to tools that empower everyone, not just security experts.
Navigating The Slippery Slope Of Public Security Disclosure
In talking publicly about cybersecurity, CISOs need to portray capability, strength, and confidence, but without offering critical details that could lead to an attack.
Visibility: The Key To Security In The Cloud
You can’t secure what you can’t see. These five best practices will shed some light on how to protect your data from the ground up.
5 Most Common Firewall Configuration Mistakes
A misconfigured firewall can damage your organization in more ways than you think. Here’s where to look for the holes.
'No-Tell' Motel: Where Hospitality Meets Cybercrime On The Dark Web
In the month of July alone, hundreds of hospitality-related goods and services were offered for sale on the Dark Web including big names like Wyndham, Marriott, Hilton and Starwood.
Fixing IoT Security: Dark Reading Radio Wednesday at 1 P.M. ET
Join us for a conversation about what is being done and what needs to be done to secure the Internet of Things.
Information Security Lessons From Literature
How classic themes about listening, honesty, and truthfulness can strengthen your organization’s security posture, programs and operations.
The Truth About DLP & SIEM: It’s A Process Not A Product
If you know what data is critical to your organization and what activities are abnormal, data loss prevention and security information event management work pretty well. But that’s not usually the case.
What Ashley Madison Can Teach The Rest Of Us About Data Security
For a company whose offering can best be described as discretion-as-a-service, using anything less than state-of-the-art threat detection capabilities is inexcusable.
Why Everybody Loves (And Hates) Security
Even security professionals hate security. So why do we all harbor so much dislike for something we need so much? And what can we do about it?
Avoiding ‘Magpie Syndrome’ In Cybersecurity
A quick fix usually isn’t. Here’s why those bright shiny new point solutions and security features can cause more harm than good.
Back To Basics: 10 Security Best Practices
The most effective strategy for keeping organizations, users and customers safe is to focus on the fundamentals.
Microsoft's Remarkable Pivot: Windows 10 Abandons Privacy
You can read all you want about Windows 10 powerful new privacy features, but that doesn’t mean you have them.
We Can Allow Cybersecurity Research Without Stifling Innovation
The U.S. government is in a unique position to become a global leader in cybersecurity. But only if it retains the open spirit of the Internet that kick-started the Information Age.
|
The 10 Most Impactful Types of Vulnerabilities for Enterprises TodayManaging system vulnerabilities is one of the old est - and most frustrating - security challenges that enterprise defenders face. Every software application and hardware device ships with intrinsic flaws - flaws that, if critical enough, attackers can exploit from anywhere in the world. It's crucial that defenders take stock of what areas of the tech stack have the most emerging, and critical, vulnerabilities they must manage. It's not just zero day vulnerabilities. Consider that CISA's Known Exploited Vulnerabilities (KEV) catalog lists vulnerabilitlies in widely used applications that are "actively exploited," and most of them are flaws that were discovered several years ago and have been fixed. There are also emerging vulnerabilities in 5G networks, cloud infrastructure, Edge applications, and firmwares to consider.
Incident Readiness and Building Response Playbook
In this special report, learn the Xs and Os of any good security incident readiness and response playbook.
Tweet This
1 Comments
