Security Experts:

More Security Headlines

SecurityWeek invites you to participate in the 2014 SecurityWeek Golf Classic! Our first classic is being held at the prestigious world-class Ocean Course at Half Moon Bay, located just 23 miles from San Francisco International Airport.
Cisco Systems has announced a new managed security solution that applies real-time, predictive analytics to detect attacks and protect customers from advanced malware across their extended networks.
Healthcare organizations are still struggling with information sharing both internally and externally, participants in an industry-wide cyber-security exercise said.
CrowdStrike has released a free tool to help organizations detect the presence of systems on their networks that are vulnerable to the OpenSSL Heartbleed vulnerability.
Verizon expanded its 2014 Data Breach Investigations Report to include security incidents that didn't result in breaches and provided industry-by-industry analysis of various threat types.
Oracle issued an advisory listing products known to be vulnerable as well as those under investigation.
Damballa has raised $13 million from existing investors to capitalize on growing demand for its automated breach defense platform.
The goal of the attack is to circumvent the mobile transaction number authentication mechanisms used by banks, according to ESET.
Ben-Gurion University of the Negev has signed a $8.5 million agreement with the Israel National Cyber Bureau to develop CyberSpark, which includes a National Cyber Research Center adjacent to BGU’s campus.
FireHost has $25 million in a Series E funding round led by its longtime investor, The Stephens Group.

SecurityWeek Experts

rss icon

Marc Solomon's picture
Many continue to click on links or attachments sent via email without taking any steps to verify the origin of the email or the validity of the link or attachment. It only takes one click to for an attacker to establish a foothold in the target’s systems.
Marcus Ranum's picture
When you start your metrics program, you'll find that a great deal of information can be gleaned from existing data that gets stored in various places – most likely in your system logs.
Chris Hinkley's picture
The most advanced technology in the world is only as good as the people and systems behind it. Otherwise your sophisticated security device is nothing more than a paperweight.
Danelle Au's picture
Trying to defend against modern, advanced attacks with one-off point solutions is like playing a whack-a-mole game, always one step behind the attacker and trying to play catch up with the alerts as they’re received.
Mark Hatton's picture
The oversight for the protection of healthcare information is only getting tighter, and it is incumbent upon the security teams to ensure healthcare professionals have all the tools necessary to improve patient outcomes, while we worry about keeping the bad guys away.
Nimmy Reichenberg's picture
By properly segregating the network, you are essentially minimizing the level of access to sensitive information for those applications, servers, and people who don’t need it, while enabling access for those that do.
Tal Be'ery's picture
The Target breach shows that APT attacks have commoditized and therefore should concern not only the government and defense industry, but probably every enterprise.
Torsten George's picture
The NIST Cybersecurity Framework is a good first step towards creating a standardized approach to cyber security, but requires many substantial updates before really improving our nation’s cyber resilience.
Wade Williamson's picture
If criminals can’t use or sell stolen data without being caught, then the data quickly becomes worthless. As a result it’s critical to understand what happens to data after a breach.
Marc Solomon's picture
The energy sector requires an approach to cybersecurity that doesn’t rely exclusively on air gaps or point-in-time detection tools but addresses the full attack continuum – before, during, and after an attack.