It didn't take long for information security professionals to take to Twitter, blogs, and social media to blast the latest White House proposals for cybersecurity legislation. A small group of civic-minded professionals are calling on the industry to stop complaining and actually do something about it.
When it comes to protecting against insider threat, there can be an over-reliance on policy and automated enforcement. Access Governance is a powerful tool to reduce the insider threat, but it needs to mature to the point where it is more responsive and more automated before relying on it completely.
The past few decades in the information security field have been dominated by passive failure. Clearly, not every new idea has merit, but those ideas that come about scientifically and methodically have tremendous potential to improve the state of security.
Several financial analyst firms concluded extensive studies, surveying over a thousand CIOs and CSOs cumulatively, to gain a better understanding of how these breaches are impacting spending behaviors.
Cybercriminals are getting increasingly sophisticated in their efforts to outsmart security defenses such as sandboxing. Here is a quick look at techniques used by attackers to evade sandbox detection.
With cyber criminals increasingly targeting third-party vendors to gain backdoor access to data at large, well-protected global organizations, security professionals need to rethink their vendor risk management practices.