NEWS & INDUSTRY UPDATES

Open source projects can benefit from HackerOne’s Professional services for free as long as they meet certain conditions
The New York State Department of Financial Services (DFS) 'first-in-the-nation' cybersecurity regulation for the financial services industry is, as of 1 March 2017, operational. One of the most highly regulated industries is now even more regulated in New York.
Robots affected by vulnerabilities that can be exploited for spying, sensitive data theft, and even to cause physical harm or damage
Researchers analyzed several popular Android password managers and found that they fail to properly protect user credentials
Google discloses unpatched vulnerability affecting Microsoft’s Edge and Internet Explorer web browsers
The U.S. oil and gas industry is not prepared to address OT cybersecurity risks, according to a Siemens study
Researchers use drones and hard drive LEDs to steal data from air-gapped computers at speeds of up to 4,000 bps
Researchers warn about the threat posed by logic bombs to industrial control systems (ICS), particularly programmable logic controllers (PLCs)
Study conducted by Trend Micro shows the exposure of critical sectors and industrial systems in the United States
Researchers showed the impact of ransomware on ICS by simulating an attack on a water treatment plant

FEATURES, INSIGHTS // Risk Management

Torsten George: Being faced with hundreds, thousands, and even hundreds of thousands of vulnerabilities across their IT infrastructures leaves security practitioners at a virtually insurmountable disadvantage.
Travis Greene: Unlike the political arena, or even other divisions of the technology industry, when working in IT security, people rarely notice when everything is done perfectly.
Josh Lefkowitz: The pivotal role of cybersecurity during the recent United States presidential election has underscored the critical need to focus on a secure electoral process.
Eddie Garcia: To reduce the chances of falling victim to an insider-driven breach, security and risk professionals should start by learning what their available data can tell them.
Joshua Goldfarb: No one ever said that prioritizing risk, meeting the needs of a complex market, or starting a technology company were easy. But more often than not, the answers we seek are right there in front of us.
Torsten George: Implementing a Zero Trust model represents a dramatic change and requires a well-planned transition that should be complemented by efforts to operationalize cyber risk detection, prevention, and response.
Alastair Paterson: Sophisticated adversaries are finding vulnerabilities wherever they can, and often that means looking to an organization’s partners for weaknesses in defenses.
Torsten George: By implementing these three main pillars, organizations can operationalize their cyber security practices to shorten time-to-detection and, ultimately, time-to-remediation of cyber threats.
Adam Meyer: With any cyber security-related capability, you need to answer the “so what” question. What does any of this intelligence mean? And does it help us achieve the desired outcome(s)?
Torsten George: Relying solely on existing intelligence provided by vulnerability scanners should only be a first step in a cyber risk management process.