Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

Community Health Systems, Inc., one of the largest hospital operators in the United States, said hackers managed to steal the records of 4.5 million patients.
Israeli cybersecurity startup GuardiCore, announced on Monday that it has closed an $11 million round of funding led by Battery Ventures.
Pretty Good Privacy (PGP), the popular email privacy and authentication software is fundamentally broken and it's time for it to "die," says Matthew Green, a well known cryptographer and research professor at Johns Hopkins University.
The assets of numerous organizations are at risk because their former employees continue to have access to sensitive corporate applications even after they leave the company.
The use of virtualized systems in a enterprise environments can provide many benefits, but these systems need some special attention paid to security, Symantec said in a new report examining threats to virtual environments.
European security firm Gemalto has agreed to buy data protection firm SafeNet for $890 million in cash.
Hypervisors have become an important part of enterprise environments and while they should normally reduce the attack surface, experts warn that they can be plagued by security vulnerabilities that could be leveraged by malicious actors.
Oracle has introduced Oracle Key Vault, a solution that allows customers to centrally manage encryption keys and assets including Oracle wallet files, Java KeyStores, Kerberos keytab files, SSH key files, and SSL certificate files.
Operation Epic Turla targeted intelligence agencies, government institutions, embassies, military groups, education institutions, and research and pharmaceutical companies in more than 45 countries, the security firm said on Thursday.
Mocana has released what it calls a highly secure drop-in replacement for the widely adopted OpenSSL stack for Apache Web servers.

FEATURES, INSIGHTS // Data Protection

rss icon

Mark Hatton's picture
The fall of a high-profile CEO due to security concerns makes me envision a scenario where security is now given a more prominent role on the executive team, with more emphasis placed on avoiding the breach in the first place.
Joshua Goldfarb's picture
When performing incident response, an organization should proceed through various stages by following its incident response process. While all stages are important, when an enterprise is attacked, the highest priority quickly becomes moving rapidly from detection to containment.
Jon-Louis Heimerl's picture
When it comes to the security responsibilities of vendors, answers are still often behind where they need to be. What are some things to think about in the way you manage your security with your vendors?
Chris Hinkley's picture
When the development cycle moves quickly, it will often bypass security. When rapid development equates to shoehorning security controls in after the fact, we’re left with an approach that has potentially disastrous consequences.
Mark Hatton's picture
The oversight for the protection of healthcare information is only getting tighter, and it is incumbent upon the security teams to ensure healthcare professionals have all the tools necessary to improve patient outcomes, while we worry about keeping the bad guys away.
Wade Williamson's picture
If criminals can’t use or sell stolen data without being caught, then the data quickly becomes worthless. As a result it’s critical to understand what happens to data after a breach.
Jon-Louis Heimerl's picture
The concepts of defense in depth have been with us for years -- hundreds of years, if not thousands. Maybe we can learn something from those architects of warfare from the Middle Ages?
Michael Callahan's picture
While I’d argue the point that the chip and PIN system is better and more secure than the mag stripe, it’s not what caused these or what will prevent future malware attacks.
Torsten George's picture
While security monitoring generates big data, in its raw form it remains only a means to an end. Ultimately, information security decision making should be based on prioritized, actionable insight derived from the data.
Mike Tierney's picture
The insider threat is very much a reality, and because it hides in the details, it’s one of the biggest threats businesses can encounter.