
Management & Strategy


Thousands of Let's Encrypt users saw their email addresses exposed when the open certificate authority (CA) started sending a notification to active subscribers.
Banking giant Morgan Stanley will pay $1 million as a penalty for failure to protect customer information on roughly 730,000 clients, the Securities and Exchange Commission (SEC) said Wednesday.
The FFIEC yesterday issued a statement alerting US financial institutions (FIs) to the interbank transfer threat following the recent spate of SWIFT-based attacks and thefts.
Congress has launched an investigation into the security posture of computer systems at the U.S. Federal Reserve, following a series of reports that the Federal Reserve detected more than 50 cyber breaches between 2011 and 2015.
The sixth annual survey from Smarsh on financial services communications compliance issues shows that regulatory scrutiny and compliance difficulties are increasing while resources and solutions are not.
Hackers might have stolen user data after exploiting a vulnerability in third-party software.
New report offers advice on each of the SANS critical security controls aimed specifically at providing security for SAP implementations.
The official Bangladesh government probe into the $81 million theft via SWIFT in February has suggested the possibility of insider involvement.
SecurityWeek’s 2016 CISO Forum will take place on June 1-2, 2016 at the Ritz Carlton, Half Moon Bay.
SWIFT CEO Gottfried Leibbrandt revealed a five-point plan designed to harden SWIFT transactions following the $81 million theft via the Bangladesh central bank.

FEATURES, INSIGHTS // Management & Strategy


Danelle Au: If your security program is focused on reacting to news of the last data breach, you’ve all but ensured that you’ll fall victim to the next data breach.
Joshua Goldfarb: The trust between those who run the security organization, and the analysts, incident responders, engineers, and others who do the work on a daily basis is extremely important.
Rafal Los: While we can all agree that fundamentally security can’t succeed without knowing what we’re protecting, there are next to no good answers for how to do this.
Alastair Paterson: Cyber situational awareness can provide insights into the people, processes and technology your adversaries use and turn those into an advantage.
Torsten George: Using OODA as a blueprint, it’s possible to implement automated processes for pro-active security incident notification and human-guided loop intervention.
Joshua Goldfarb: If you’ve centralized all of your security resources, you will have a far more difficult time handling the incident than if you’ve strategically placed security resources around the globe.
David Holmes: The leaked data from the Mossack Fonseca breach is supposed to illuminate dark corners of international tax evaders, but the "Panama Papers" story has many mysteries around it still.
Adam Meyer: All three types of intelligence help drive decisions and ultimately outcomes, but at different levels within the business.
Alastair Paterson: By understanding the different types of incidents and the different returns, you can make a strong case for greater cyber situational awareness in the short- and long-term.
Jennifer Blatnik: It is critical for business leadership to address the growing threat of ransomware as a business risk rather than a siloed IT issue.