
NEWS & INDUSTRY UPDATES

A new report focusing on Europe's General Data Protection Regulation (GDPR) preparedness shows a worrying disconnect between Business and Security. [Read More]
An analysis of the Alexa top 1 million websites with Mozilla Observatory showed significant improvements in the use of modern security technologies [Read More]
Akamai launches new product designed to protect enterprises against malware, phishing and data exfiltration attempts by analyzing DNS requests [Read More]
The Kantara Initiative has released an open, global consent receipt specification for use with the European Union’s (EU) General Data Protection Regulation (GDPR). [Read More]
A government contractor has been charged for leaking a classified NSA report on Russia election hacking to The Intercept [Read More]
Crowdfunding initiative for buying Shadow Brokers exploits canceled. Researchers cite legal reasons, including Russia (FSB) involvement [Read More]
Many organizations believe an attack on their medical devices will likely occur in the next year, but few are taking significant steps to prevent attacks [Read More]
Summary and roundup of new products, surveys and cybersecurity industry comments on the upcoming General Data Protection Regulation (GDPR). [Read More]
While there is a general lack of preparedness for GDPR among most organizations, specific concerns and expectations can vary widely between the different nations. [Read More]
Retailer Target agrees to pay $18.5 million to 47 U.S. states as part of a settlement over the massive data breach suffered by the company in 2013 [Read More]

FEATURES, INSIGHTS // Compliance


Marc Solomon's picture
To combat the risks associated with web applications, one of the most significant evolutions in network security over the last few years has been the advent of application control.
Danelle Au's picture
You’ve handed over controls to a third-party, so how do you implement the right levels of security in a cloud environment, trust the provider to take care of the rest, and still meet compliance initiatives?
Chris Poulin's picture
Part 1: Why the Star Trek Medical Tricorder Didn’t have an App Store. The future of information security is looking brilliant: by the 23rd century there will be no computer hacks—at least according to Star Trek.
Jeff Hudson's picture
The latest iteration of PCI compliance regulations adds to the already increasing burdens of the typical IT security professional. For example, exposing cryptographic key management information to more than those that need to know creates a compliance violation.
Steve Ragan's picture
For most CISOs, the pain of an audit is part of the job, but it doesn’t have to be the nightmare that most of the IT community envisions.
Chris Hinkley's picture
Cloud infrastructures can be secure, and they must be, for the need is growing quite fast. In this vein, organizations don’t have to be fearful of public clouds. They just need to better understand them.
Oliver Rochford's picture
To a security guru, GRC feels like a waste of time. It will provide artificial challenges that make a difficult task even harder, with very little gain or advantage in return other than a report containing lists of items with a marked checkbox.
Michael Goff's picture
In 2011 we were reminded that software piracy cannot be stopped. Despite the best efforts of software vendors, industry watchdog groups and government, software piracy continues to proliferate.
Mandeep Khera's picture
Merchants who are required to be PCI-DSS Compliant will have to get their validation under provisions of PCI-DSS 2.0 by December 31st, 2011. What are some of the key changes in PCI-DSS 2.0? Are you ready?
Chris Hinkley's picture
Mobile applications and the platforms they are built on make PA-DSS compliance difficult due to the rapidly evolving threat landscape. With increased attacks and their tragic effects on businesses and consumers, it's important to make sure your mobile operations are properly secured.