Industry Insight

Study: Average organization has 4,000 instances of exposed credentials stored in the cloud

Study: Average organization has 4,000 instances of exposed credentials stored in the cloud

By

CloudLock released its "Cloud Cybersecurity Report: The Extended Perimeter" earlier this week that looked at enterprises' use of cloud applications and storage.

Resolution1 lays off global marketing team, focuses on customers, R&D

By

After splitting from AccessData in 2014, the security start-up has decided to restructure to focus on customers and product development.

2014 deemed the year of 'far-reaching' vulnerabilities in Symantec annual report

2014 deemed the year of 'far-reaching' vulnerabilities in Symantec annual report

By

Symantec's annual threat report doesn't exactly depict a rosy cyber security world.

In annual report, Verizon uses new breach cost model for estimating loss

In annual report, Verizon uses new breach cost model for estimating loss

By

Verizon says it has a new-and-improved model for determining breach costs.

APT group detects threat monitoring and backs away in documented first

APT group detects threat monitoring and backs away in documented first

By

After continuously trying to regain access to a specific target's systems, Hurricane Panda willfully stepped away once it saw that the company was monitoring Indicators of Attack (IOA).

Symantec maintains its plans to split from Veritas

By

Symantec confirmed its plans to separate itself from its Veritas data-storage and recovery business by the end of 2015 on Monday.

Why cybersecurity is vital during the vendor selection process

Why cybersecurity is vital during the vendor selection process

You likely have a list of criteria to check through during the hiring process of a vendor, but if you haven't added cybersecurity standards to that list, you should.

Breach readiness survey shows most stray from IRP best practices

Breach readiness survey shows most stray from IRP best practices

By

The responses of global practitioners were compared with Global 1000 security execs, which provided a best practices benchmark.

Building on IT security to protect all intellectual property

Building on IT security to protect all intellectual property

To extend the ERM approach to information and IP, companies need to create a comprehensive inventory of sensitive data and intellectual property that are key to their competitiveness.

NIST calls for final comments on draft covering sensitive information protection

NIST calls for final comments on draft covering sensitive information protection

By

NIST and NARA collaborated to produce the final draft of "Protecting Controlled Unclassified Information in Nonfederal Information Systems and Organizations."

What CISOs need most: Courage in the face of security nihilism

What CISOs need most: Courage in the face of security nihilism

Today's CISO must play a strategic and forceful role in mandating the transition to a more secure enterprise infrastructure.

Cybersecurity is broken

Cybersecurity is broken

Target. Home Depot. Morgan Stanley. Sony. Anthem. Jennifer Lawrence. You?

F5 Networks opens new security operations center

By

5 Networks opened the doors to its new security operations center (SOC) facility at its Seattle headquarters today.

Wake up! What are you doing to battle breach fatigue?

Wake up! What are you doing to battle breach fatigue?

IT pros, beware: The phenomenon of "data breach fatigue" isn't just an issue of consumer complacency.

Orgs need to share info, crave more board oversight, study says

Orgs need to share info, crave more board oversight, study says

By

A Blue Lava Consulting survey of more than 300 information security professionals shows that progress in reshaping security model, but highlights challenges ahead.

The failure of the security industry

The failure of the security industry

A CSO with a budget must be in want of a thousand dedicated point solutions, says Alex Stamos, CISO, Yahoo.

Giving sidelined IT security pros some love

Giving sidelined IT security pros some love

By

Threats loom heavily on the minds of those charged with keeping critical data safe from bad actors, says Illena Armstrong, VP editorial, SC Magazine.

Mobile interfacing with IoT

Mobile interfacing with IoT

The security community is abuzz about the risks of reverse engineering code.

Company news: New hires at CipherCloud and Emailage receives more funding

By

This month's company moves features new hires at Absolute Software, CipherCloud, Tenable Network Security and more.

Me and my job: Johannes Ullrich, SANS Technology Institute

Me and my job: Johannes Ullrich, SANS Technology Institute

In this month's "Me and my job" feature, we get to know Johannes Ullrich of the SANS Technology Institute.

Skills in demand: Web application security

Skills in demand: Web application security

With so many of us visiting the web for social-networking, shopping, banking, paying bills and general surfing, it's imperative that companies ensure their web facing applications are secure and free from vulnerabilities.

PCI DSS 3.0 is good, but not good enough

PCI DSS 3.0 is good, but not good enough

With every new data leak end users are looking for ways to better protect themselves and keep their personal financial identity safe from hackers.

IBM will invest $3 billion in new IoT unit

IBM will invest $3 billion in new IoT unit

By

IBM will investing $3 billion over the next four years to establish a new Internet of Things (IoT) business unit along with a cloud-based platform to help build IoT solutions.

IBM security expert panel: Fighting today's advanced attacks with behavioral-based prevention

With security incidents becoming a weekly, if not daily, occurrence, organizations need proactive, preventative security measures to protect themselves and their customers. Hear from a diverse panel of IBM Security experts.

30 percent of practitioners say they would pay cyber extortionists to retrieve their data

30 percent of practitioners say they would pay cyber extortionists to retrieve their data

By

In a recent survey, most, but not all, security professionals said they'd refuse to negotiate with cybercriminals.

The best defense is a good offense: The importance of securing your endpoints

The best defense is a good offense: The importance of securing your endpoints

The saying "better safe than sorry" rings true when it comes to data security.

The power of the subconscious to protect against online fraud

The power of the subconscious to protect against online fraud

Cybercriminals often are specifically looking for credit card numbers that can be reused on other e-commerce sites or sold to the highest bidder on the digital black market.

The car alarm syndrome and the high cost of too many security alerts

The car alarm syndrome and the high cost of too many security alerts

Sophisticated bad guys are likely to assume that high-value targets have deployed the latest security technologies - this has been the case going back over a decade.

Why it's time to replace the tootsie pop approach to network security

Why it's time to replace the tootsie pop approach to network security

How did we arrive at this approach to network security and, more importantly, what's happening today that's causing us to seriously rethink this approach?

The one-two punch of cybercrime: Who's leading the fight?

The one-two punch of cybercrime: Who's leading the fight?

Whose responsibility is it to lead the fight against cybercrime and protect valuable health care data? The answer: it's not just one person.

Sign up to our newsletters

RECENT COMMENTS

FOLLOW US