Dark Reading is part of the Informa Tech Division of Informa PLC
This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
|
All
A View From Inside a Deception
Pen-testing today's threat deception technology is not for the faint-hearted. Do modern deception tools truly frustrate adversaries, and are they ready for the enterprise SOC?
Best 11 Quotes From Cryptographers' Panel
Cryptographers at an RSA Conference panel aren't worried about adversarial quantum cryptography. Machine learning, though, causes pressing practical issues.
How Faster COVID-19 Research Is Being Made Possible by Secure Silicon
When Intel and Leidos set up a "trusted execution environment" to enable a widespread group of researchers to securely share and confidentially compute real-world data, it was no small achievement.
10K Hackers Defend the Planet Against Extraterrestrials
Hack the Planet's Cyber Apocalypse capture-the-flag contest attracts 10,000 competitors from across the globe.
The CISO Life Is Half as Good
Lora Vaughn was at a crossroads -- and that was before mandated pandemic lockdowns came into play. Here's her story of how life got sweeter after she stepped away from the CISO job.
Realistic Patch Management Tips, Post-SolarWinds
Patch management and testing are different, exactly the same, and completely out of hand. Here are tips from the experts on how to wrangle patches in a time of malicious software updates.
Securing Super Bowl LV
A peek at open XDR technology and defense that held up better than the Kansas City Chiefs.
Dark Reading Video News Desk Returns to Black Hat
UPDATED: Coming to you prerecorded from in front of carefully arranged bookcases around the world ...!
Russian Election Interference: What’s Next?
Nate Beach-Westmoreland gives a look back at the past 10 years of Russian election interference and disinformation campaigns. What can we learn from the past and what should we expect as the 2020 US presidential election approaches?
Beyond Burnout: What Is Cybersecurity Doing to Us?
Infosec professionals may feel not only fatigued, but isolated, unwell, and unsafe. And the problem may hurt both them and the businesses they aim to protect.
Cryptographers Panel Tackles Espionage, Elections & Blockchain
Encryption experts gave insights into the Crypto AG revelations, delved into complexities of the "right to be forgotten," and more at RSA Conference.
Wendy Nather on How to Make Security 'Democratization' a Reality
Ahead of her keynote at the RSA Conference, Cisco's head of advisory CISOs outlines to Dark Reading a unique paradigm that asks security teams to stop fighting their users -- and start sharing control with them.
Martin and Dorothie Hellman on Love, Crypto & Saving the World
Martin Hellman, co-creator of the Diffie-Hellman key exchange, and his wife of 53 years, Dorothie, talk about the current state of cryptography and what making peace at home taught them about making peace on Earth.
Coronavirus Raises New Business Continuity, Phishing Challenges for InfoSec
What happens when understaffed security teams at home and abroad are sequestered in physical quarantine zones?
AppSec Concerns Drove 61% of Businesses to Change Applications
Some have even left behind commercial software and migrated to open source or in-house homegrown applications. Continue for synopsis or read full research report.
The Next Security Silicon Valley: Coming to a City Near You?
The high cost of doing business in California's San Francisco Bay Area is just one factor driving infosec companies — established and and startups, alike — to pursue their fortunes elsewhere. Here's where many are going.
What's in a WAF?
Need a 101 lesson on Web application firewalls? Here's your crib sheet on what a WAF is, how it works, and what to look for when you're in the market for a new solution.
8 Backup & Recovery Questions to Ask Yourself
Don't wait until after a disaster, DDoS, or ransomware attack to learn just how good your backups really are.
The Inestimable Values of an Attacker's Mindset & Alex Trebek
Akamai security architect Marc Pardee tells the story of cutting his security teeth as an NSA intern and why all cybersecurity professionals can benefit from learning how to break things.
The Etiquette of Respecting Privacy in the Age of IoT
Is it rude to ask someone to shut off their Alexa? Ask the family who's written the book on etiquette for nearly 100 years — the descendants of Emily Post herself.
Poll Results: Maybe Not Burned Out, But Definitely 'Well Done'
Staff shortages and increasingly challenging jobs are turning up the heat on security pros, readers say.
'It Saved Our Community': 16 Realistic Ransomware Defenses for Cities
Practical steps municipal governments can take to better prevent and respond to ransomware infections.
The Right to Be Patched: How Sentient Robots Will Change InfoSec Management
It won't be long before we consider embodied AI as a form of "life" — and that will have a variety of paradigm-shifting, somewhat irritating, and potentially hilarious impacts on the daily lives of infosec and privacy pros.
Skepticism About Symantec and Trepidation About IoT
BLACK HAT 2019 -- Expert analysts from Informa, Eric Parizo and Tanner Johnson visit the Dark Reading News Desk to talk about the shake-ups at Symantec and trends in IoT security.
Dark Reading News Desk Live at Black Hat USA 2019
Watch right here for 40 video interviews with speakers and sponsors. Streaming live from Black Hat USA Wednesday and Thursday 2 p.m. to 6 p.m. Eastern.
Twitter, Facebook, NSA Discuss Fight Against Misinformation
RSA panelists address the delicate technical challenges of combating information warfare online without causing First Amendment freedoms to take collateral damage.
Trust, or Lack of It, Is a Key Theme on RSAC Keynote Stage
Neither machines nor humans might be entirely trustworthy, but the cooperation of the two might be the answer to issues of misinformation, deep fake videos, and other issues of trust, say security leaders.
Axonius' 'Unsexy' Tool Wins RSAC Innovation Sandbox
Judges award top honor to new company solving an old, unsolved problem: asset discovery and management.
Facebook Shuts Hundreds of Russia-Linked Pages, Accounts for Disinformation
Facebook says the accounts and pages were part of two unrelated disinformation operations aimed at targets outside the US.
'We Want IoT Security Regulation,' Say 95% of IT Decision-Makers
New global survey shows businesses are valuing IoT security more highly, but they are still challenged by IoT data visibility and privacy.
Chinese Intel Agents Indicted for 5-Year IP Theft Campaign
Intelligence agents aimed for aerospace manufacturing targets, with help of cyberattackers, corporate insiders, and one IT security manager.
Dark Reading News Desk Live at Black Hat USA 2018
Watch here Wednesday and Thursday, 2 p.m. - 6 p.m. ET to see over 40 live video interviews straight from the Black Hat USA conference in Las Vegas.
GDPR Oddsmakers: Who, Where, When Will Enforcement Hit First?
The GDPR grace period ends today. Experts take their best guesses on when data protection authorities will strike - and what kind of organizations will be first to feel the sting of the EU privacy law.
Dark Reading Conference Call for Speakers Closes Friday
Don't be shy, security practitioners. Share your best practices at our 2nd annual INsecurity Conference, to be held Oct. 23-25 in Chicago.
12 Trends Shaping Identity Management
As IAM companies try to stretch 'identity context' into all points of the cybersecurity market, identity is becoming 'its own solar system.'
Firms More Likely to Tempt Security Pros With Big Salaries than Invest in Training
Booz Allen survey shows most organizations' answer to the security skills shortage may be unsustainable.
First Public Demo of Data Breach via IoT Hack Comes to RSAC
At RSA Conference, senior researchers will show how relatively unskilled attackers can steal personally identifiable information without coming into contact with endpoint security tools.
Cyber War Game Shows How Federal Agencies Disagree on Incident Response
Former officials at DHS, DOJ, and DOD diverge on issues of attribution and defining what constitutes an act of cyber war.
2018 RSA Conference: Execs Push Cooperation, Culture & Civilian Safety
On the keynote stage, execs from Microsoft and McAfee introduced a new Cybersecurity Tech Accord.
Verizon DBIR: Ransomware Attacks Double for Second Year in a Row
Outside attackers still the biggest problem - except in healthcare.
One-Third of Internal User Accounts Are 'Ghost Users'
Attackers and malware can easily move laterally through an organization, thanks to inadequate access controls on file systems and a proliferation of inactive but enabled users.
UVA Defeats UMBC, in Stunning Upset
In first trip to Mid-Atlantic Collegiate Cyber Defense Competition, University of Virginia's Cyber Defense Team defeats reigning national champs from University of Maryland, Baltimore County.
Cybercrime Costs for Financial Sector up 40% Since 2014
A 9.6% increase just in the past year, and denial-of-service attacks are partly to blame.
17 Things We Should Have Learned in 2017 But Probably Didn't
The worm has returned and the Yahoos have all been exposed, but did 2017 teach us any genuinely new lessons we shouldn't already have known?
We're Still Not Ready for GDPR? What is Wrong With Us?
The canary in the coalmine died 12 years ago, the law went into effect 19 months ago, but many organizations still won't be ready for the new privacy regulations when enforcement begins in May.
GDPR Compliance: 5 Early Steps to Get Laggards Going
If you're just getting on the EU General Data Protection Regulation bandwagon, here's where you should begin.
St. Jude Pacemaker Gets Firmware Update 'Intended as a Recall'
The devices that were the subject of a vulnerability disclosure debate last summer now have an FDA-approved fix.
New York's Historic FinSec Regulation Covers DDoS, Not Just Data
Starting today, New York banks and insurers must report to authorities within 72 hours on any security event that has a 'reasonable likelihood' of causing material harm to normal operations.
Look, But Don't Touch: One Key to Better ICS Security
Better visibility is essential to improving the cybersecurity of industrial control systems and critical infrastructure, but the OT-IT cultural divide must be united.
You Have One Year to Make GDPR Your Biggest Security Victory Ever
The EU's new razor-toothed data privacy law could either rip you apart or help you create the best security program you've ever had. Here's how.
US-CERT Warns That HTTPS Inspection Tools Weaken TLS
Turns out that man-in-the-middling your own traffic isn't the safest way to look for man-in-the-middle attacks.
Women Still Only 11% Of Global InfoSec Workforce
Career development and mentorship programs make women in cybersecurity feel more valued, increase women's success.
After Election Interference, RSA Conference Speakers Ask What Comes Next
Election-tampering called 'a red line we should not allow anyone to cross.'
Microsoft President Says Tech Industry Should Be 'Neutral Digital Switzerland'
RSA Conference: Brad Smith also says the world needs a "Digital Geneva Convention" to establish the international rules for nation-state cyber conflict.
Darkness & Hope On Display At RSA Conference Keynotes
Attendees start morning with John Lithgow telling them 'Look at how your light shines together.'
National Security, Regulation, Identity Top Themes At Cloud Security Summit
Gen. Keith Alexander gives Trump a thumbs-up and Cloud Security Alliance releases a new application.
White House Announces Retaliatory Measures For Russian Election-Related Hacking
35 Russian intelligence operatives ejected from the US, and two of the "Cyber Most Wanted" are frozen out by Treasury Department.
10 Things InfoSec Pros Can Celebrate About 2016
There were a few items that passed for good news this year.
Amit Yoran Leaves Dell RSA To Join Tenable As New CEO
Yoran says recent Dell acquisition of RSA parent company EMC did 'not really' impact his decision to leave.
Avalanche Botnet Comes Tumbling Down In Largest-Ever Sinkholing Operation
800,000 domains seized, sinkholed, or blocked, and five individuals arrested, in international effort to bring down botnet linked to 17 major malware families.
2016's 7 Worst DDoS Attacks So Far
Rise of booter and stresser services, mostly run on IoT botnets, is fueling DDoS excitement (but the pros aren't impressed).
Security Experts Call For Regulation On IoT Cybersecurity
During a House Committee hearing today, Bruce Schneier also asks for the establishment of a new government agency devoted to cybersecurity.
Dark Reading Radio: 'Bug Bounties & The Zero-Day Trade'
Join us, HackerOne's Alex Rice, and Veracode's Chris Wysopal for the next episode of Dark Reading Radio, today, Wednesday Nov. 16, at 1pmET.
75,000 Data Protection Officers Needed By 2018 To Handle EU Law
US alone will need 9,000 DPOs to meet GDPR mandates, says International Association of Privacy Professionals - but don't expect that many new job listings.
Acalvio Technologies Secures Investment from GV
GV (formerly Google Ventures) Joins Accel Ventures, Ignition Partners, Eileses Capital and Splunk, Bringing Total Investment in the Company to $22M
Google Adwords Malvertising Campaign Targets Apple Macs
Cheeky attackers make their lure an ad for Google Chrome.
US Should Help Private Sector 'Active Defense,' But Outlaw Hacking Back, Says Task Force
Task Force at George Washington University suggests ways for government to clear up legal quagmires, improve tools, keep us all out of trouble.
New Free Tool Stops Petya Ransomware & Rootkits
Meanwhile, Locky puts ransomware on the Check Point Top Three Global Malware List for the first time ever.
|
Improving Enterprise Cybersecurity With XDREnterprises are looking at eXtended Detection and Response technologies to improve their abilities to detect, and respond to, threats. While endpoint detection and response is not new to enterprise security, organizations have to improve network visibility, expand data collection and expand threat hunting capabilites if they want their XDR deployments to succeed. This issue of Tech Insights also includes: a market overview for XDR from Omdia, questions to ask before deploying XDR, and an XDR primer.
Incident Readiness and Building Response Playbook
In this special report, learn the Xs and Os of any good security incident readiness and response playbook.
Tweet This
1 Comments
