Security Experts:

long dotted


The leaking of classified NSA documents by Edward Snowden has resulted in defense contractors changing their companies' cybersecurity practices.
Businesses need to understand they will experience a breach incident and plan accordingly how they would protect the data, a panel of experts said this week at a town hall event in honor of Data Privacy Day.
Bay Dynamics, a provider of information risk intelligence solutions, launched a new portal designed to help customers identify threat patterns, trends and behaviors based on deviations from normal user activities.
Neiman Marcus said on Thursday that between July 16 and October 30, 2013, hackers using sneaky point-of-sale malware were able to obtain details of roughly 1,100,000 customer payment cards.
According to a new report released by the World Economic Forum, failure to improve cyber security could cost the world economy trillions of dollars in economic value and lead to more frequent cyber attacks.
In its Global Threat Report, CrowdStrike identified many of the tactics, techniques, and procedures used by more than 50 different threat actor groups to craft and launch sophisticated attacks against major targets around the world.
Industry-wide cyber attack exercises (CyberRX) will examine broad and segment-specific threats targeting information systems, medical devices and other essential technology resources of the healthcare industry.
As organizations search for solutions to protect their networks, data centers, and computer systems, an unexpected threat may be lurking under the surface—senior management.
Extra security measures are being taken in Russia to monitor local Internet and cellphone network traffic that could herald the plotting of still new attacks targeting the Olympics in Sochi.
Keeping to tradition, SecurityWeek invited security experts to weigh in on New Year's resolutions for improving information security and how organizations can better develop new habits in 2014.

FEATURES, INSIGHTS // Risk Management

rss icon

Chris Coleman's picture
The shaping of the threat intelligence management market is critical to its success, and there is much confusion about the very term “threat intelligence.” I am a firm believer that intelligence is a process, not an individual thing, and that Intelligence is not “done.” It is “created.”
Dr. Mike Lloyd's picture
The fact that insurance companies – well respected by every business-centric executive – look at cyber risk and say “no, thanks” is a pretty clear indicator that something is rotten...
Torsten George's picture
A threat is the agent that takes advantage of a vulnerability. This relationship must be a key factor in the risk assessment process and can no longer be treated as risk’s neglected step child.
Mark Hatton's picture
I am painfully aware that in business and in security, hope is not a plan. However, that doesn’t mean we can’t dream a bit about the best case scenario. In the spirit of the season, here are five things I’m hoping for in the security industry this year.
Marcus Ranum's picture
There are many important and useful tools related to the metrics landscape; let's take a look at some of them and how they fit together.
Mark Hatton's picture
During the RSA Conference we heard a lot about the changing landscape of threats and how attackers are becoming more sophisticated and better funded every day. So naturally the debate ensued around whether keeping pace and ultimately closing the gap is a question of technology, spend or approach.
Aviv Raff's picture
The worst time for an enterprise to discover a gap between what they expected and what they need is during a cyber attack. Here are five questions that enterprises should ask about actionable intelligence now, not later.
Marcus Ranum's picture
Security Metrics are critical for our ability to do better at our jobs, to quantify where we are succeeding and to measure what works, and how well it's working.
Mark Hatton's picture
Here are five things I recommend security pros keep in mind when navigating the line between tight security and keeping the organization running at peak proficiency.
Jon-Louis Heimerl's picture
The concepts of defense in depth have been with us for years -- hundreds of years, if not thousands. Maybe we can learn something from those architects of warfare from the Middle Ages?