Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

Register for this webcast to learn how you can align, automate and enforce controls to security and compliance policies - while providing visualization, workflow and reporting critical to improving operational efficiency and reducing audit costs.
An an outage at Facebook on Jan. 26 was not the result of a third party attack, Facebook said, but occurred after the company introduced a change that affected its configuration systems.
Elites at the World Economic Forum in Davos were warned Saturday of the terrifying possibilities of modern cyber terrorism.
The US is staying silent on whether it launched a cyber attack as payback for the hacking of Sony Pictures.
North Korea appeared to have been hit by Internet outages, reports said Monday, just days after US President Barack Obama warned Washington would retaliate for a cyber attack on Sony Pictures blamed on Pyongyang.
US-CERT provided a list of the Indicators of Compromise (IOCs) that should be added to network security solutions to determine whether they are present on a network.
A spearfishing attack aimed at ICANN hooked staff members with emails crafted to appear as though they were sent from peers using "icann.org" addresses.
Sony Pictures organized a town hall-style meeting with staff Monday to discuss the massive cyber attack on the Hollywood studio, a day after hackers promised a big "Christmas gift."
Sony Pictures Entertainment pressed media outlets against using data hackers may have leaked about the studio.
Security industry experts provide reactions and insights into the damaging cyber attack against Sony that occurred in November 2014.

FEATURES, INSIGHTS // Incident Management

rss icon

Torsten George's picture
Massive data breaches are raising doubts about whether organizations are investing their security dollars in the right areas.
Danelle Au's picture
A data breach plan lays out the key steps and the key personnel to involve when a data breach happens, and needs to incorporate three elements.
Joshua Goldfarb's picture
At a high level, "big data" and "security analytics" are about the two very different, somewhat diametrically opposed, but equally important concepts of collection and analysis.
Joshua Goldfarb's picture
Asking the right questions is one of the most important and fundamental aspects of a successful security program, and allows security teams to approach challenges analytically and logically.
Jon-Louis Heimerl's picture
Based on high level review of the types of breaches we have seen over the past year, we should be able to see opportunities to make our environments more resilient to attack.
James McFarlin's picture
If North Korea is connected to the Sony attacks, it would be an archetypal example of such a weaker state using cyber operations to level the playing field in potential confrontations with the United States.
Joshua Goldfarb's picture
In resource-limited environments, every alert counts. Spear alerting is an approach that can help organizations improve their signal-to-noise ratio and make their security programs much more efficient and effective.
James McFarlin's picture
Was the plan by the Securities Industry and Financial Markets Association (SIFMA) to create a new inter-agency working group comprised of data security regulators a reaction to the recent acceleration of nationwide data breaches?
Joshua Goldfarb's picture
Because of the large volume of even the highest priority alerts, analysts are not able to successfully review each event. And with a large number of false positives, analysts become desensitized to alerts and do not take them seriously.
Joshua Goldfarb's picture
When looking to measure the success and progress of a security program, it is important to think about what success and progress actually mean.