Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

New report offers advice on each of the SANS critical security controls aimed specifically at providing security for SAP implementations. [Read More]
SWIFT CEO Gottfried Leibbrandt revealed a five-point plan designed to harden SWIFT transactions following the $81 million theft via the Bangladesh central bank. [Read More]
Onapsis warns that there are indicators of exploitation against 36 large-scale global enterprises around the world. [Read More]
Verizon has published its widely anticipated 2016 Data Breach Investigations Report (DBIR), compiled by Verizon with the support 67 contributing partners. [Read More]
FireEye has launched a new service designed to help organizations manage the risks associated with corporate Mergers & Acquisitions (M&A). [Read More]
In a recent survey, only 31 percent of respondents believe their vendor’s risk management program is highly effective, yet only 38 percent track the effectiveness of the vendor risk management program. [Read More]
Since no company can be secure against targeted attacks, there can be no surprise that law firms will be breached once they are targeted. [Read More]
Petya, the ransomware family recently discovered to encrypt entire hard disks, performs a two-phase encryption process. [Read More]
Qualys ThreatPROTECT gathers and correlates data from vulnerability scans and threat feeds to give organizations a view of their potential exposure to threats. [Read More]
Facebook has paid out more than $4.3 million since the launch of its bug bounty program, $936,000 of which in 2015 [Read More]

FEATURES, INSIGHTS // Risk Management

rss icon

Adam Meyer's picture
With any cyber security-related capability, you need to answer the “so what” question. What does any of this intelligence mean? And does it help us achieve the desired outcome(s)?
Torsten George's picture
Relying solely on existing intelligence provided by vulnerability scanners should only be a first step in a cyber risk management process.
Ashley Arbuckle's picture
How can security professionals harness cybersecurity to help their organizations take advantage of new opportunities in order to thrive in this digital era?
Ken McAlpine's picture
Once you have an understanding of where your security risks are, you can make better choices about what types and what sources of threat intelligence are most applicable.
Alastair Paterson's picture
It's important to look at your environment through the eyes of an attacker to detect the threats and vulnerabilities relevant to your organization.
Torsten George's picture
Vulnerability assessments are often confused with penetration tests. In fact, the two terms are often used interchangeably, but they are worlds apart.
Ashley Arbuckle's picture
C-suite leaders should be thinking about cybersecurity as a strategic advantage that can set them apart from competitors.
Rafal Los's picture
While we can all agree that fundamentally security can’t succeed without knowing what we’re protecting, there are next to no good answers for how to do this.
Alastair Paterson's picture
Cyber situational awareness can provide insights into the people, processes and technology your adversaries use and turn those into an advantage.
Torsten George's picture
Using OODA as a blueprint, it’s possible to implement automated processes for pro-active security incident notification and human-guided loop intervention.