NEWS & INDUSTRY UPDATES

Cyber risk assessment and data breach services company NetDiligence published a new study focusing on the costs incurred by insurance underwriters due to cyber incidents.
While Home Depot and Staples say cyber liability insurance will mitigate the financial impact of data breaches they suffered, adoption of cyber insurance generally appears to be mixed.
ENISA, Europe's Cyber security agency, has released two reports that aim to inform and guide decision makers in the public and private sector on the use and implementation of cryptographic protocols for securing personal data.
Microsoft reported that some users who have applied the patch (MS14-066) to address the Schannel Remote Code Execution Vulnerability (CVE-2014-6321) are having issues, including a fatal alert related to the TLS protocol.
Security experts share their thoughts on the "Darkhotel" espionage campaign and provide recommendations for executives who travel a lot and don't want sensitive corporate information to end up in the hands of cyber spies.
Central Dermatology Center of North Carolina said that one of its servers was breached by hackers back in August of 2012, but just became aware of the breach.
The Australian Signals Directorate is warning that cyber-criminals will target the upcoming G20 summit in Brisbane, saying they could include state-sanctioned hackers, trade spies or activists.
In a two-year study of information about critical control systems directly connected to the Internet, researchers found mining equipment, a surprising number of wind farms, a crematorium, water utilities, and several substations.
Supermarket chains Supervalu and Albertson's revealed that some of their payment processing systems have once again been breached.
Google, Dropbox, the Open Technology Fund and several security researchers have joined forces for a new initiative that focuses on usable secure technologies.

FEATURES, INSIGHTS // Risk Management

Joshua Goldfarb
The past few decades in the information security field have been dominated by passive failure. Clearly, not every new idea has merit, but those ideas that come about scientifically and methodically have tremendous potential to improve the state of security.
Torsten George
With cyber criminals increasingly targeting third-party vendors to gain backdoor access to data at large, well-protected global organizations, security professionals need to rethink their vendor risk management practices.
Danelle Au
A data breach plan lays out the key steps and the key personnel to involve when a data breach happens, and needs to incorporate three elements.
Jason Polancich
Most businesses today cannot say with any certainty how the cybersecurity tools or people they acquire and use align with their specific cyber problems.
Torsten George
2015 will prove to be a challenging year for IT security professionals. So, what can we expect in the next 12 months?
James McFarlin
If North Korea is connected to the Sony attacks, it would be an archetypal example of such a weaker state using cyber operations to level the playing field in potential confrontations with the United States.
Adam Firestone
Security requirements for information assurance, risk management, and certification and accreditation constrain Government organizations with respect to software allowed on Government networks.
Joshua Goldfarb
In resource-limited environments, every alert counts. Spear alerting is an approach that can help organizations improve their signal-to-noise ratio and make their security programs much more efficient and effective.
Jason Polancich
Starting your own private ISAC is easier and more important long-term than you might think.
James McFarlin
What key forces are driving the demand for cyber insurance and how can such coverage best fit into an overall cybersecurity strategy?