NEWS & INDUSTRY UPDATES

Microsoft patches 48 vulnerabilities, including a Windows Search flaw that has been actively exploited in attacks
Microsoft finally announces decision on WoSign and StartCom certificates: new certificates issued after September 2017 will not be trusted
Vulnerabilities found by a researcher in solar panels may allow hackers to disrupt power grids, but the affected vendor says his claims are greatly exaggerated
Siemens warns customers that some of its medical imaging products are exposed to attacks due to Windows vulnerabilities exploited in the wild
Vulnerability patched by Microsoft in June is company’s third attempt at patching old LNK flaw exploited by Stuxnet in 2010
Researchers warn that hackers can abuse GitHub and other Git repo hosting services for stealthy attacks on software developers
Bitdefender and Checkmarx publish reports describing vulnerabilities they found in popular Neo, VStarcam and Loftek IP cameras
Netflix releases tools and information for mitigating application DDoS attacks against microservice architectures
ICS-CERT issues warning for a CAN bus vulnerability after researchers publish a PoC exploit for DoS attacks
Effective threat hunting leading to efficient incident response is a combination of man and machine, of art and science, with the man tailoring and automating the science to suit his own environment.

FEATURES, INSIGHTS // Risk Management

Josh Lefkowitz: Safeguarding critical assets, proactively addressing cyber and physical threats, and assessing and mitigating risk accurately and effectively requires comprehensive visibility into both the Deep and the Dark Web.
Adam Meyer: Different intelligence consumers in your organization create and consume varying levels of threat intel to take appropriate actions against identified risks.
Steven Grossman: Without visibility into your information assets, their value, where they live, how they relate to each other and who has access to them, any strategy for protection would be inherently incomplete and ineffective.
Josh Lefkowitz: Digital risk monitoring is a helpful tool for organizations that already have rich intelligence and not just data. Failing to distinguish between the two can be problematic.
Josh Lefkowitz: Executive protection and physical security teams must leverage cyber threat intelligence to gain visibility into all relevant cyber and physical threats and ensure open collaboration and information sharing with all business functions.
Travis Greene: If there are only five controls that a security organization can reasonably tackle this year, what should they be?
Torsten George: Cyber security and cyber threats are most often confused with cyber risk, and often used interchangeably, but they are worlds apart.
Joshua Goldfarb: Risk, reporting, and metrics are three important topics within information security, and they all mean drastically different things to different audiences.
Steven Grossman: When it comes to security and cyber risk, CISOs are in the middle of it all, but they are not alone in protecting the enterprise.
Torsten George: Let’s consider whether the proposed principles and tools by the World Economic Forum (WEF) can improve cyber resilience, and which types of enterprises can benefit most from implementing them.