Security Experts:

long dotted


Mozilla has unveiled a new, cross platform memory inspection library that can be integrated into its Mozilla InvestiGator (MIG) endpoint security system.
A steady stream of low-level cyber attacks poses the most likely danger to the United States rather than a potential digital "armageddon," US intelligence director James Clapper said.
Industry professionals applauded the steps by the White House to promote cyber threat information sharing, but an executive order can only go so far and more is needed than just information sharing to combat sophisticated cyber attacks, experts said.
Please join us on Tuesday, Feb. 3rd at 1PM ET for a special webcast: How To Avoid Being Tomorrow's Headline: Mitigating Insider Threats and Breaches, presented by Centrify.
Enterprises have identified the weak link in the chain in endpoint security - and if you are an end user, that weak link is probably you, according to a new survey.
Security experts discuss the implications of the new version of the Payment Card Industry Data Security Standard as the New Year dawns.
Security experts weigh in on what they would like to see in 2015 to make their jobs wrangling users, infrastructure, and data easier.
South Korea's nuclear power plant operator launched a two-day drill to test its ability to thwart a cyber attack, after a series of online information leaks by a suspected hacker.
Rapid7 announced that it has received $30 million in funding, bringing the total raised by the company to-date to $93 million.
Cyber risk assessment and data breach services company NetDiligence published a new study focusing on the costs incurred by insurance underwriters due to cyber incidents.

FEATURES, INSIGHTS // Risk Management

rss icon

Torsten George's picture
The DHS initiated the Continuous Diagnostics and Mitigation program to safeguard and secure Federal Information Technology networks. But can the DHS CDM program really strengthen the security posture of government networks?
Jason Polancich's picture
Companies that engage in periodic or annual cyber risk assessments and feel comfortable with results are flirting with disappointment - and maybe even disaster.
Torsten George's picture
The broad reach of GRC solutions creates a unique set of deployment challenges from both a technical and business perspective. This raises the question – how can organizations avoid common GRC pitfalls?
Joshua Goldfarb's picture
Let’s face it. Most people in the world in which we live are not very security literate. To learn security lessons from the “unwashed masses”, we must first understand what security means to them.
Rafal Los's picture
It’s your job to understand your limitations on the understanding of risk and to responsibly formulate defensible calculations that drive your tactics and strategy. Using “probability” as a metric is not only black magic, but it’s going to give you the wrong answer.
Torsten George's picture
IoT opens up companies all over the world to more security threats, and only time will tell if the IoT vendor community can come together to create a common security framework that helps shrink the security risk iceberg and minimize the risk of cyber-attacks.
Torsten George's picture
Organizations that address certain inhibitors to risk management head-on, can significantly reduce the time it takes to produce risk profiles.
Wade Williamson's picture
In security circles, 2014 was known colloquially as “the year of the breach.” However, 2015 almost doubled the 2014 tally of breached records, and has done so in the first eight months.
Travis Greene's picture
As much fun as it is to wake up to patches waiting to be unwrapped, we don’t want the regret of “exploit Wednesday”, which is far more embarrassing than becoming a victim of a zero-day exploit.
Torsten George's picture
Some insurers are citing litigation and poor operations as reasons not to payout on losses.