Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

Facebook launches free Certificate Transparency Monitoring tool that allows users to obtain information on certificates issued for a specified domain [Read More]
Starting on June 16, 2016, the old SSLv3 and RC4 security protocols will no longer be supported on Google’s SMTP servers and on Gmail’s web servers. [Read More]
The Electronic Frontier Foundation (EFF) on Thursday announced Certbot, a Let's Encrypt client designed to help websites encrypt their traffic. [Read More]
Karamba Security comes out of stealth mode with ECU endpoint solution designed to protect connected cars against cyberattacks [Read More]
Free and open Certificate Authority (CA) Let’s Encrypt announced this week that it has issued more than 1 million certificates since issuing its first Digital Certificate last year. [Read More]
Multi-vector denial of service (DDoS) attacks are increasing in frequency, complexity and size, Arbor Networks’ 11th Annual Worldwide Infrastructure Security Report (WISR) reveals. [Read More]
The Tor Project will launch an invite-only bug bounty program via the HackerOne platform in 2016 [Read More]
A blockchain is essentially a shared, encrypted "ledger" that cannot be manipulated, offering promise for secure transactions that allow anyone to get an accurate accounting of money, property or other assets. [Read More]
Microsoft announced that it plans on removing trust on root certificates issued by 11 Certificate Authorities (CAs) in January 2016. [Read More]
Symantec will invest $50 million to boost its cyber security services business globally, with a specific focus on the Asia-Pacific region. [Read More]

FEATURES, INSIGHTS // Security Architecture

rss icon

Joshua Goldfarb's picture
Tree rings occur when the growing season ends and growth stops. To avoid stagnation, a security organization must never stop growing.
Wade Williamson's picture
By building security controls that identify and correlate the malicious behaviors of an attack, we can begin to the tip the scales back in our favor.
Pat Calhoun's picture
While individual products and technologies are important weapons, they operate in a silo and lose sight of the bigger picture. The reality is that you can’t just rely on a single defense or a silver bullet.
Marcus Ranum's picture
When you start keeping a long-term data series, remember that you can't change your algorithm for interpreting it on a regular basis.
Joshua Goldfarb's picture
While intelligence is a critical component of a mature security program, it should not drive security. A risk-driven approach provides a much more comprehensive and scientific approach that allows organizations to keep pace with today’s sophisticated threats.
Nate Kube's picture
Nate introduces various perspectives on cybersecurity as a moniker, shares some illuminating data, and presents a vernacular to move our field forward.
Torsten George's picture
The NIST Cybersecurity Framework is an important building block, but still just the first step towards implementing operationalized defenses against cyber security risks.
Avi Chesla's picture
In order to be effective, security solutions must become more directly associated, in real-time, to cyber defense planning models.
Joshua Goldfarb's picture
Is budget a good metric for security? In other words, if an organization wishes to improve its security posture, is spending more money an appropriate response?
Rebecca Lawson's picture
There is a common misconception that in order to move to virtual security solutions, companies can, or should, replace physical security technologies they rely on to keep their networks safe today.