Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

According to a study conducted by EMC, enterprises employing more than 250 people lost a total of $1.7 trillion in the past year due to downtime and data loss.
Hackers of a group going by the name "GOP", which reportedly stands for "Guardians of Peace," have managed to breach the corporate network of Sony Pictures.
Cisco announced the availability of the company's OpenSOC big data security analytics framework as an open source solution.
The U.S. State Department has shut down an unclassified network and email system in response to suspicious activity recently detected by the government.
Security experts share their thoughts on the "Darkhotel" espionage campaign and provide recommendations for executives who travel a lot and don't want sensitive corporate information to end up in the hands of cyber spies.
Banking giant HSBC Turkey said that it recently identified a cyber attack targeting its credit card and debit card systems in Turkey.
BrowserStack, the cross-browser testing service, has provided more details on the attack in which a hacker gained access to information belonging to some of the company's customers.
The US Postal Service said Monday hackers stole sensitive personal information from its employees in a large data breach this year, and got some customer data as well.
Malicious actors are increasingly relying on false claims about massive data breaches to make it seem as if established firms have lost control of their critical data.
An unclassified computer network at the White House was breached recently and the main suspects are hackers allegedly working for the Russian government. Here is what some industry experts have to say.

FEATURES, INSIGHTS // Incident Management

rss icon

Jon-Louis Heimerl's picture
Based on high level review of the types of breaches we have seen over the past year, we should be able to see opportunities to make our environments more resilient to attack.
James McFarlin's picture
If North Korea is connected to the Sony attacks, it would be an archetypal example of such a weaker state using cyber operations to level the playing field in potential confrontations with the United States.
Joshua Goldfarb's picture
In resource-limited environments, every alert counts. Spear alerting is an approach that can help organizations improve their signal-to-noise ratio and make their security programs much more efficient and effective.
James McFarlin's picture
Was the plan by the Securities Industry and Financial Markets Association (SIFMA) to create a new inter-agency working group comprised of data security regulators a reaction to the recent acceleration of nationwide data breaches?
Joshua Goldfarb's picture
Because of the large volume of even the highest priority alerts, analysts are not able to successfully review each event. And with a large number of false positives, analysts become desensitized to alerts and do not take them seriously.
Joshua Goldfarb's picture
When looking to measure the success and progress of a security program, it is important to think about what success and progress actually mean.
Joshua Goldfarb's picture
Proper visibility doesn’t have to mean a deluge of uncoordinated data sources. To security operations and incident response teams, the buzz and hype should be about “big value”, not “big data”.
James McFarlin's picture
With risks to national and economic security increasing, other avenues of cyber defense are receiving attention. Improving resilience and the promising application of predictive analysis to the prevention of cyberattacks before they occur are two such areas
Mark Hatton's picture
it’s hard to build continuity under inconsistent leadership. It’s also really hard to beat the hackers when the person responsible for keeping them at bay has less job security than an NFL coach with a losing record.
Marc Solomon's picture
With the right information, security professionals can quickly pivot from detection to a full understanding of the scope of the outbreak and take action to head off wider compromises