Security Experts:

Management & Strategy
long dotted

NEWS & INDUSTRY UPDATES

NSS Labs has introduced a new SaaS offering designed to help enterprises identify threats targeting their systems, evaluate their security posture, and create incident response plans.
FishNet Security has opened a new technology testing lab that allows partners and customers to vet technologies in a virtual IT environment using simulated network conditions and attack scenarios.
CrowdStrike has launched a new threat intelligence exchange platform that facilitates the access and exchange of threat intelligence between vendor partners.
Target said that t its second quarter financial results are expected to include gross expenses of $148 million, partially offset by a $38 million insurance receivable, related to the December 2013 massive data breach.
Bitglass, a Silicon Valley-based provider of enterprise data protection solutions, has secured $25 million in Series B funding.
P.F. Chang's said that an intruder may have stolen some data from certain credit and debit cards that were used during specified time frames at 33 P.F. Chang's China Bistro branded restaurant locations in the continental United States.
Mozilla warned that it mistakenly exposed information on almost 80,000 members of its Mozilla Developer Network (MDN) as a result of a botched data sanitization process.
The security startup behind the Mitro password manager has been acquired by Twitter, the team at Mitro announced on Thursday.
According to a recent survey of senior C-level executives, CISOs are often viewed simply as convenient scapegoats in the event of a headline-grabbing data breach.
Researchers at FireEye have analyzed the operations of the advanced persistent threat (APT) group dubbed "Pitty Tiger," and determined that it might have been active since as far back as 2008.

FEATURES, INSIGHTS // Management & Strategy

rss icon

Adam Ely's picture
CISOs are notoriously disliked. Trying to protect company, customer and employee data often means having to say “no” to new projects and implementations. This does not earn you many friends.
Torsten George's picture
In order to find the needle in the haystack, it is imperative to have all necessary data available to diagnose the patterns that point to an advanced persistent threat or sophisticated cyber-attack.
Joshua Goldfarb's picture
Understanding the challenges of information sharing up front can help organizations learn from the mistakes of others and build a more successful information sharing program.
Mark Hatton's picture
The fall of a high-profile CEO due to security concerns makes me envision a scenario where security is now given a more prominent role on the executive team, with more emphasis placed on avoiding the breach in the first place.
Marcus Ranum's picture
Don't ask your boss, “what metrics should I collect?” Metrics are 'produced' not 'collected' and you need to spend time figuring out what metrics are appropriate for your organization.
Mike Tierney's picture
Implementing an employee monitoring program and putting the three Ds process into place can act as a strong means of deterring inappropriate behavior or malicious intent by insiders.
Torsten George's picture
Shortcomings in a cloud providers’ security architecture can trickle down to customers that leverage their services. So what steps should organizations take to retool their security practices for the cloud age?
Joshua Goldfarb's picture
When performing incident response, an organization should proceed through various stages by following its incident response process. While all stages are important, when an enterprise is attacked, the highest priority quickly becomes moving rapidly from detection to containment.
Mark Hatton's picture
The fact that you aren’t seeing or hearing about potential threats to the organization, or alarms aren’t being raised by the security team, shouldn’t make you feel better as an executive.
Jon-Louis Heimerl's picture
When it comes to the security responsibilities of vendors, answers are still often behind where they need to be. What are some things to think about in the way you manage your security with your vendors?