The FDA has released guidance on the postmarket management of cybersecurity in medical devices
A new variant of the KillDisk malware encrypts files and holds them for ransom instead of deleting them
According to IBM, attacks on industrial control systems (ICS) increased by 110% in 2016 compared to the previous year
Inflight Internet and entertainment company Gogo launches bug bounty program with maximum rewards of $1,500 per bug
Researcher discloses potentially serious vulnerabilities found in Panasonic Avionics in-flight entertainment systems
Algorithms are used for such purposes because they are good at making probabilistic projections based on past data with no human intervention and at machine speed -- but they are not infallible, and have become the basis of fictional Armageddons.
Cyber insurance is important now and will be even more important in the future, and some security firms are now offering their own guarantees on products.
IT systems connected to pagers leak data that can be highly valuable for conducting reconnaissance
Researchers find an apparently critical vulnerability in a PwC security tool for SAP systems, but PwC has downplayed the risk
The global cyber insurance market is expected to generate $14 billion by 2022, according to a new report published by Allied Market Research (AMR).

FEATURES, INSIGHTS // Risk Management

Josh Lefkowitz: It's crucial for healthcare institutions to recognize their industry’s inherent susceptibility to cyber threats and that standards and regulations will, by their nature, always be reactive.
Steven Grossman: The goal of stopping all cyber attacks and preventing all business impact has been recognized as a fool’s errand, and has shifted to measuring risk and minimizing business impacts.
Torsten George: Since most IoT devices and microservices lack adequate security frameworks or tools to monitor and detect security gaps, traditional methods such as penetration testing should be reconsidered despite their hefty price tag.
Torsten George: Facing hundreds, thousands, and even hundreds of thousands of vulnerabilities across their IT infrastructures leaves security practitioners at a virtually insurmountable disadvantage.
Travis Greene: Unlike the political arena, or even other divisions of the technology industry, when working in IT security, people rarely notice when everything is done perfectly.
Josh Lefkowitz: The pivotal role of cybersecurity during the recent United States presidential election has underscored the critical need to focus on a secure electoral process.
Eddie Garcia: To reduce the chances of falling victim to an insider-driven breach, security and risk professionals should start by learning what their available data can tell them.
Joshua Goldfarb: No one ever said that prioritizing risk, meeting the needs of a complex market, or starting a technology company were easy. But more often than not, the answers we seek are right there in front of us.
Torsten George: Implementing a Zero Trust model represents a dramatic change and requires a well-planned transition that should be complemented by efforts to operationalize cyber risk detection, prevention, and response.
Alastair Paterson: Sophisticated adversaries are finding vulnerabilities wherever they can, and often that means looking to an organization’s partners for weaknesses in defenses.