Security Experts:

Management & Strategy
long dotted

NEWS & INDUSTRY UPDATES

Two independent research groups have already managed to bypass the protection mechanisms provided by the latest version of Microsoft's Enhanced Mitigation Experience Toolkit (EMET).
Cisco announced the availability of the company's OpenSOC big data security analytics framework as an open source solution.
Some 74 percent said they are facing new challenges in cyber-security, and 70 percent admit their organization "lacks data protection and privacy expertise."
The U.S. State Department has shut down an unclassified network and email system in response to suspicious activity recently detected by the government.
Microsoft reported that some users who have applied patch (MS14-066) to address the Schannel Remote Code Execution Vulnerability (CVE-2014-632) 1are having issues, including a fatal alert related to the TLS protocol.
Security experts share their thoughts on the "Darkhotel" espionage campaign and provide recommendations for executives who travel a lot and don't want sensitive corporate information to end up in the hands of cyber spies.
Banking giant HSBC Turkey said that it recently identified a cyber attack targeting its credit card and debit card systems in Turkey.
Cyberthreat intelligence firm IID has hired Kelly Haggerty as the company’s Chief Product Officer, the company said Thursday.
BrowserStack, the cross-browser testing service, has provided more details on the attack in which a hacker gained access to information belonging to some of the company's customers.
Version of the 5.1 of Microsoft's Enhanced Mitigation Experience Toolkit (EMET) brings improved protection and addresses several application compatibility issues.

FEATURES, INSIGHTS // Management & Strategy

rss icon

James McFarlin's picture
Was the plan by the Securities Industry and Financial Markets Association (SIFMA) to create a new inter-agency working group comprised of data security regulators a reaction to the recent acceleration of nationwide data breaches?
Marc Solomon's picture
While we can’t address security without technology, we also need to consider education. Organizations must also be committed to keeping their IT security staff highly trained on the current threat landscape and advanced approaches to security.
Nate Kube's picture
I would like the OT security community to move away from asking what can we do to gain greater adoption of a greenfield IT security model and instead ask how we can gain demonstrable gains in OT security posture more efficiently.
Joshua Goldfarb's picture
Because of the large volume of even the highest priority alerts, analysts are not able to successfully review each event. And with a large number of false positives, analysts become desensitized to alerts and do not take them seriously.
Jason Polancich's picture
Sharing threat information, analysis and expertise within your “extended family” can be very valuable to establishing the kind of early warning system that is the promise of cyber information sharing to begin with - and without most of the risks.
Marcus Ranum's picture
To communicate about our metrics, we need ways that we can ground our experience in terms of “normal” for us; Otherwise, we really can't communicate our metrics effectively with anyone who isn't in a similar environment.
James McFarlin's picture
Whether Adm. Michael Rogers can capitalize on opportunities to pull together the teamwork necessary to shore up America’s cybersecurity is a game just begun.
Joshua Goldfarb's picture
When looking to measure the success and progress of a security program, it is important to think about what success and progress actually mean.
Jason Polancich's picture
Your employees, partners, customers and suppliers are your “survival group” battle-buddies now and it’s important to know how the zombies behave and where they hide.
James McFarlin's picture
A bountiful source of innovative new products for mature security providers lies in the hunting ground of promising newer firms.
view counter