Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

Sony Pictures organized a town hall-style meeting with staff Monday to discuss the massive cyber attack on the Hollywood studio, a day after hackers promised a big "Christmas gift."
Sony Pictures Entertainment pressed media outlets against using data hackers may have leaked about the studio.
Security industry experts provide reactions and insights into the damaging cyber attack against Sony that occurred in November 2014.
According to a study conducted by EMC, enterprises employing more than 250 people lost a total of $1.7 trillion in the past year due to downtime and data loss.
Hackers of a group going by the name "GOP", which reportedly stands for "Guardians of Peace," have managed to breach the corporate network of Sony Pictures.
Cisco announced the availability of the company's OpenSOC big data security analytics framework as an open source solution.
The U.S. State Department has shut down an unclassified network and email system in response to suspicious activity recently detected by the government.
Security experts share their thoughts on the "Darkhotel" espionage campaign and provide recommendations for executives who travel a lot and don't want sensitive corporate information to end up in the hands of cyber spies.
Banking giant HSBC Turkey said that it recently identified a cyber attack targeting its credit card and debit card systems in Turkey.
BrowserStack, the cross-browser testing service, has provided more details on the attack in which a hacker gained access to information belonging to some of the company's customers.

FEATURES, INSIGHTS // Incident Management

rss icon

Danelle Au's picture
A data breach plan lays out the key steps and the key personnel to involve when a data breach happens, and needs to incorporate three elements.
Joshua Goldfarb's picture
At a high level, "big data" and "security analytics" are about the two very different, somewhat diametrically opposed, but equally important concepts of collection and analysis.
Joshua Goldfarb's picture
Asking the right questions is one of the most important and fundamental aspects of a successful security program, and allows security teams to approach challenges analytically and logically.
Jon-Louis Heimerl's picture
Based on high level review of the types of breaches we have seen over the past year, we should be able to see opportunities to make our environments more resilient to attack.
James McFarlin's picture
If North Korea is connected to the Sony attacks, it would be an archetypal example of such a weaker state using cyber operations to level the playing field in potential confrontations with the United States.
Joshua Goldfarb's picture
In resource-limited environments, every alert counts. Spear alerting is an approach that can help organizations improve their signal-to-noise ratio and make their security programs much more efficient and effective.
James McFarlin's picture
Was the plan by the Securities Industry and Financial Markets Association (SIFMA) to create a new inter-agency working group comprised of data security regulators a reaction to the recent acceleration of nationwide data breaches?
Joshua Goldfarb's picture
Because of the large volume of even the highest priority alerts, analysts are not able to successfully review each event. And with a large number of false positives, analysts become desensitized to alerts and do not take them seriously.
Joshua Goldfarb's picture
When looking to measure the success and progress of a security program, it is important to think about what success and progress actually mean.
Joshua Goldfarb's picture
Proper visibility doesn’t have to mean a deluge of uncoordinated data sources. To security operations and incident response teams, the buzz and hype should be about “big value”, not “big data”.