Security Experts:

Management & Strategy
long dotted


Enterprise IoT security company Armis emerges from stealth mode with $17 million in funding [Read More]
Router and switch LEDs can be used to stealthily exfiltrate sensitive data from air-gapped computers, researchers demonstrate [Read More]
Several researchers and security firms have teamed up to disrupt the infrastructure of the RIG exploit kit [Read More]
A government contractor has been charged for leaking a classified NSA report on Russia election hacking to The Intercept [Read More]
Two researchers said they earned a total of $10,000 from Yahoo for finding several vulnerabilities, including ones that allowed code execution [Read More]
Change 2 to the National Industrial Security Program Operating Manual (NISPOM 2) specifies that all cleared personnel receive prior insider threat awareness training prior to gaining access to classified information. [Read More]
Oracle improves its cloud security offering, including machine learning, artificial intelligence and contextual awareness technologies [Read More]
Google announces capture the flag (CTF) competition with a prize pool of over $31,000 [Read More]
OneLogin shares more details on the breach suffered this week, including the method of attack and customer impact [Read More]
Russian President Vladimir Putin: patriotic citizens may be behind election hacks, but it could be a false flag and hacking is unlikely to influence elections [Read More]

FEATURES, INSIGHTS // Management & Strategy

rss icon

Torsten George's picture
Unfortunately, a significant portion of information security resources are consumed by data gathering and aggregation processes.
Avi Chesla's picture
At the end of the day, CISOs are finding it very challenging to be able to assess the performance of the security products in their organization’s arsenal.
Steven Grossman's picture
Without visibility into your information assets, their value, where they live, how they relate to each other and who has access to them, any strategy for protection would be inherently incomplete and ineffective.
Adam Meyer's picture
In the cyber threat intelligence space, there is confusion (much of which is driven by vendors)... where threat information is positioned as finished intelligence.
Joshua Goldfarb's picture
Organizations should not be lured into a false sense of security if they deal in information or data that are not typically sought after by nation-state attackers.
Lance Cottrell's picture
Wouldn’t it be great if cyber security teams could spend more time acting like the doctors and surgeons who work away from emergency rooms and ICUs?
Josh Lefkowitz's picture
Digital risk monitoring is a helpful tool for organizations that already have rich intelligence and not just data. Failing to distinguish between the two can be problematic.
Torsten George's picture
There are several steps that both information security and DevOps teams can take to minimize their attack surface in the context of these emerging technologies and development practices.
Marc Solomon's picture
A threat intelligence platform (TIP) needs to operationalize and apply intelligence as the glue to reduce fragmentation.
Travis Greene's picture
April is Stress Awareness Month. With the pace of constantly-evolving threats, budget battles and security apathy from users, it isn’t a stretch to imagine that stress is a part of the job in IT security.