Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Advertise

About Us

Author

Profile of Curtis Simpson

Chief Information Security Officer at Armis

Member Since: 1/22/2020
Author
News & Commentary Posts: 2
Comments: 0

As the CISO at Armis, Curtis Simpson is responsible for ensuring that the Armis product continues to maintain its high standard and vigilant focus on platform and customer security and privacy. Prior to Armis, he was the CISO at Sysco, a Fortune 54 corporation. As Vice President and Global CISO at Sysco, Curtis directed a portfolio of innovative and effective business-focused security and compliance programs responsible for reducing security risks faced by a global organization.

Articles by Curtis Simpson

View Content By Month

Four Ways to Mitigate Supply Chain Security Risks From Ripple20

8/18/2020
Enterprises can significantly alleviate current and long-standing third-party risk by using tactical and strategic efforts to assess and manage them.
Post a Comment

How to Get the Most Out of Your Security Metrics

1/27/2020
There's an art to reporting security metrics so that they speak the language of leadership and connect the data from tools to business objectives.
Post a Comment

Hot Topics

Editors' Choice

COVID-19: Latest Security News & Commentary

Dark Reading Staff 10/1/2020

9 Tips to Prepare for the Future of Cloud & Network Security

Kelly Sheridan, Staff Editor, Dark Reading, 9/28/2020

Attacker Dwell Time: Ransomware's Most Important Metric

Ricardo Villadiego, Founder and CEO of Lumu, 9/30/2020

Live Events

Webinars

Hear Microsoft, FedEx & VMware Speak @ Interop Digital

Network Automation Summit presented by Network to Code at Interop Digital

Dark Reading Cybersecurity Summit @ Interop Digital

More Informa Tech Live Events

White Papers

The High Cost of Poor Web Performance

Tackling the Challenges of HTTP Streaming Delivery and Performance

Jump into the Deep End with Your Cloud Transformation

Architecting an Agile Approach to App Development

Container Security 101

More White Papers

Cartoon

Latest Comment: Sorry, I cannot brush my teeth tonight. The toothbrush locked me out after three tries.

Cartoon Archive

Current Issue

Special Report: Computing's New Normal

This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.

Download This Issue!

Back Issues | Must Reads

Flash Poll

All Polls

Reports

How IT Security Organizations are Attacking the Cybersecurity Problem

The COVID-19 pandemic turned the world -- and enterprise computing -- on end. Here's a look at how cybersecurity teams are retrenching their defense strategies, rebuilding their teams, and selecting new technologies to stop the oncoming rise of online attacks.

Download Now!

Special Report: Understanding Your Cyber Attackers

0 comments

2020 State of Cybersecurity Operations and Incident Response

0 comments

The Changing Face of Threat Intelligence

0 comments

More Reports

Twitter Feed

Tweets about "from:DarkReading OR @DarkReading"

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

CVE-2019-19393
PUBLISHED: 2020-10-01

The Web application on Rittal CMC PU III 7030.000 V3.00 V3.11.00_2 to V3.15.70_4 devices fails to sanitize user input on the system configurations page. This allows an attacker to backdoor the device with HTML and browser-interpreted content (such as JavaScript or other client-side scripts) as the c...

CVE-2020-16844
PUBLISHED: 2020-10-01

In Istio 1.5.0 though 1.5.8 and Istio 1.6.0 through 1.6.7, when users specify an AuthorizationPolicy resource with DENY actions using wildcard suffixes (e.g. *-some-suffix) for source principals or namespace fields, callers will never be denied access, bypassing the intended policy.

CVE-2020-24620
PUBLISHED: 2020-10-01

Unisys Stealth(core) before 4.0.132 stores Passwords in a Recoverable Format.

CVE-2020-25017
PUBLISHED: 2020-10-01

Envoy through 1.15.0 only considers the first value when multiple header values are present for some HTTP headers. Envoyâ€™s setCopy() header map API does not replace all existing occurences of a non-inline header.

CVE-2020-25018
PUBLISHED: 2020-10-01

Envoy master between 2d69e30 and 3b5acb2 may fail to parse request URL that requires host canonicalization.

To save this item to your list of favorite Dark Reading content so you can find it later in your Profile page, click the "Save It" button next to the item.

If you found this interesting or useful, please use the links to the services below to share it with other readers. You will need a free account with each service to share an item via that service.
Tweet This
[close this box]