Dark Reading is part of the Informa Tech Division of Informa PLC
This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
|
Today's Cybersecurity Management Requires A New Approach
The current managed security services provider model just doesn't work in our information-rich world. Time to shake things up.
Fear & Loathing In The Cloud
Whether you've already bought your ticket for the cloud or still have some issues to sort through, fine-tune your security practices to make sure your ride is a smooth one.
Hacking The Polls: Where US Voting Processes Fall Short
The patchwork of 50 decentralized state electoral systems threatens to disrupt our national election through ransomware attacks, hijacked voter registration rolls, and altered voting results.
5 Best Practices For Winning the IoT Security Arms Race
By focusing on a pragmatic approach to security, it’s possible to develop IoT solutions that will reduce future risk without breaking the bank.
Mobile Fraud Changes Outlook for Multifactor Authentication
SMS one-time passcodes just won't cut it anymore. We need new approaches that people will actually use.
What The WADA Hack Proves About Today's Threat Landscape
Fancy Bear's initial release of data on four top American athletes reminds us all to reassess our risks.
7 New Rules For IoT Safety & Vuln Disclosure
In the Internet of Things, even the lowliest smart device can be used for a malicious purpose. Manufacturers take heed!
On-Premises & In The Cloud: Making Sense Of Your Cybersecurity Ecosystem
As enterprises continue to invest in hybrid cloud strategies, they need their fragmented security solutions to work together.
Snowden: Hollywood Highlights 2 Persistent Privacy Threats
Oliver Stone’s movie shows us that while most of us have nothing to hide, we all have information worth protecting – both technically and constitutionally.
Even A False Positive Can Be Valuable
Sharing information about cyberthreats is important for the financial services industry, even when threats turn out to be not-so-threatening.
A Twist On The Cyber Kill Chain: Defending Against A JavaScript Malware Attack
This slightly modified model is a practical way to keep attackers out of your systems.
Hacking 'Forward’ With Weaponized Intelligence
Instead of hacking back and taking the fight to your adversary, what if your organization hacked forward by unearthing breach scenarios before the hackers do?
What Smart Cities Can Teach Enterprises About Security
The more you simplify your security program while still being effective, the better, says San Diego’s chief information security officer. Here’s his three-step process.
What’s The Risk? 3 Things To Know About Chatbots & Cybersecurity
Interactive message bots are useful and becoming more popular, but they raise serious security issues.
Why You May Need To Shake Up Your DevOps Team To Manage The Cloud
The security approaches of yesterday won’t work in the cloud world of today and tomorrow.
20 Questions Security Leaders Need To Ask About Analytics
The game of 20 questions is a great way to separate vendors that meets your needs from those who will likely disappoint.
Yes, The Cloud Can Be A Security Win
With the right controls in place, the cloud doesn’t have to be a scary place. These guidelines can help your company stay safe.
Risk Management Best Practices For CISOs
What's your company's risk appetite? Our list of best practices can help you better understand a difficult topic.
A Moving Target: Tackling Cloud Security As A Data Issue
Today’s challenge is protecting critical information that an increasingly mobile workforce transfers every day between clouds, between cloud and mobile, and between cloud, mobile, and IoT.
Snowden May Help Explain Your Job To Your Family
Hacking Oliver Stone's new film about whistleblower Edward Snowden.
New Book Traces Obama Strategy To Protect America From Hackers, Terrorists & Nation States
A review of Charlie Mitchell's 'Hacked: The Inside Story of America’s Struggle to Secure Cyberspace.'
Data Manipulation: An Imminent Threat
Critical industries are largely unprepared for a potential wave of destructive attacks.
Avoiding The Blame Game For A Cyberattack
How organizations can develop a framework of acceptable care for cybersecurity risk.
The Shifting Mindset Of Financial Services CSOs
They’re getting more realistic and developing strategies to close security gaps.
Defining The Common Core Of Cybersecurity: Certifications + Practical Experience
Security certifications are necessary credentials, but alone won’t solve the industry’s critical talent gap.
Introducing Deep Learning: Boosting Cybersecurity With An Artificial Brain
With nearly the same speed and precision that the human eye can identify a water bottle, the technology of deep learning is enabling the detection of malicious activity at the point of entry in real-time.
Why Social Media Sites Are The New Cyber Weapons Of Choice
Facebook, LinkedIn, and Twitter can’t secure their own environments, let alone yours. It’s time to sharpen your security acumen.
The New Security Mindset: Embrace Analytics To Mitigate Risk
Sure, conducting a penetration test can find a weakness. But to truly identify key areas of risk, organizations must start to think more creatively, just like today’s hackers.
3 Golden Rules For Managing Third-Party Security Risk
Rule 1: know where your data sets are, which vendors have access to the data, and what privacy and security measures are in place.
How To Talk About Security With Every C-Suite Member
Reframe your approach with context in order to get your message across.
|
The 10 Most Impactful Types of Vulnerabilities for Enterprises TodayManaging system vulnerabilities is one of the old est - and most frustrating - security challenges that enterprise defenders face. Every software application and hardware device ships with intrinsic flaws - flaws that, if critical enough, attackers can exploit from anywhere in the world. It's crucial that defenders take stock of what areas of the tech stack have the most emerging, and critical, vulnerabilities they must manage. It's not just zero day vulnerabilities. Consider that CISA's Known Exploited Vulnerabilities (KEV) catalog lists vulnerabilitlies in widely used applications that are "actively exploited," and most of them are flaws that were discovered several years ago and have been fixed. There are also emerging vulnerabilities in 5G networks, cloud infrastructure, Edge applications, and firmwares to consider.
Incident Readiness and Building Response Playbook
In this special report, learn the Xs and Os of any good security incident readiness and response playbook.
Tweet This
1 Comments
