Dark Reading is part of the Informa Tech Division of Informa PLC
This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
|
Analyzing Cybersecurity's Fractured Educational Ecosystem
We have surprisingly little data on how to evaluate infosec job candidates academic qualifications. That needs to change.
Equihax: Identifying & Wrangling Vulnerabilities
Now that we know what was taken from Equifax, how it was taken, and what is being sold, what more do we need to learn before the next time?
How to Live by the Code of Good Bots
Following these four tenets will show the world that your bot means no harm.
Why Your Business Must Care about Privacy
It might not have something to hide, but it definitely has something to protect.
Security's #1 Problem: Economic Incentives
The industry rewards cutting corners rather than making software safe. Case in point: the Equifax breach.
Health IT & Cybersecurity: 5 Hiring Misconceptions to Avoid
Why healthcare organizations need a good strategy to find talent, or get left behind.
Why Size Doesn't Matter in DDoS Attacks
Companies both large and small are targets. Never think "I'm not big enough for a hacker's attention."
Software Assurance: Thinking Back, Looking Forward
Ten personal observations that aim to bolster state-of-the-art and state-of-practice in application security.
Get Serious about IoT Security
These four best practices will help safeguard your organization in the Internet of Things.
GDPR & the Rise of the Automated Data Protection Officer
Can artificial intelligence and machine learning solve the skills shortage as the EU's General Data Protection Regulation deadline approaches?
How Apple's New Facial Recognition Technology Will Change Enterprise Security
Expect a trickle-down effect, as tech similar to Face ID becomes offered outside of Apple.
To Be Ready for the Security Future, Pay Attention to the Security Past
It's easy to just move on to the next problem, ignoring what's happened -- but that's a mistake.
Security Orchestration & Automation: Parsing the Options
Once you head down the path of orchestration, security teams will need to decide how much automation they are ready for. Here's how.
Cloud Security's Shared Responsibility Is Foggy
Security is a two-way street. The cloud provider isn't the only one that must take precautions.
Encryption: A New Boundary for Distributed Infrastructure
As the sheet metal surrounding traditional infrastructure continues to fall away, where should security functions in a cloud environment reside?
5 Problems That Keep CISOs Awake at Night
The last few years have shown a big difference in the way cyber-risks are acknowledged, but progress still needs to be made.
20 Questions to Help Achieve Security Program Goals
There are always projects, maturity improvements, and risk mitigation endeavors on the horizon. Here's how to keep them from drifting into the sunset.
The 'Team of Teams' Model for Cybersecurity
Security leaders can learn some valuable lessons from a real-life military model.
Deception: A Convincing New Approach to Cyber Defense
How defenders in a US national security agency capture-the-flag exercise used an endless stream of false data across the network to thwart attackers and contain damage.
Why Relaxing Our Password Policies Might Actually Bolster User Safety
Recent guidance from NIST may seem counterintuitive.
If Blockchain Is the Answer, What Is the Security Question?
Like any technology, blockchain has its strengths and weaknesses. But debunking three common myths can help you cut through the hype.
Is Public Sector Cybersecurity Adequate?
Many governmental organizations are unstaffed, underfunded, and unprepared to fight common attacks, and they could learn a thing or two from the private sector.
Sandbox-Aware Malware Foreshadows Potential Attacks
For the continuous monitoring industry to remain relevant, it needs to match the vigor of sandbox vendors against targeted subversion.
Is Your Organization Merely PCI-Compliant or Is It Actually Secure?
The Host Identity Protocol might be the answer to inadequate check-the-box security standards.
Workplace IoT Puts Companies on Notice for Smarter Security
Blacklisting every "thing" in sight and banning connections to the corporate network may sound tempting, but it's not a realistic strategy.
3 Ways AI Could Help Resolve the Cybersecurity Talent Crisis
There's no escaping the fact that there's a skills shortage, and companies aren't doing enough to cultivate talent. AI could relieve some of the pressure.
How Effective Boards Drive Security Mandates
The focus on cybersecurity policies must be prioritized from the top down.
|
Everything You Need to Know About DNS AttacksIt's important to understand DNS, potential attacks against it, and the tools and techniques required to defend DNS infrastructure. This report answers all the questions you were afraid to ask.
Domain Name Service (DNS) is a critical part of any organization's digital infrastructure, but it's also one of the least understood. DNS is designed to be invisible to business professionals, IT stakeholders, and many security professionals, but DNS's threat surface is large and widely targeted.
Attackers are causing a great deal of damage with an array of attacks such as denial of service, DNS cache poisoning, DNS hijackin, DNS tunneling, and DNS dangling. They are using DNS infrastructure to take control of inbound and outbound communications and preventing users from accessing the applications they are looking for. To stop attacks on DNS, security teams need to shore up the organization's security hygiene around DNS infrastructure, implement controls such as DNSSEC, and monitor DNS traffic
Incident Readiness and Building Response Playbook
In this special report, learn the Xs and Os of any good security incident readiness and response playbook.
Tweet This
1 Comments
