Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

McAfee has shared details on a soon to be released threat sharing platform designed to help security teams develop and customize a threat intelligence solution from global data sources.
Researchers from Adallom say they have discovered an unusual variant of the Zeus Trojan that targets Salesforce.com users.
More than half of the respondents in a new survey cited key management as a major issue, ranking it as a '7' on a 10 point scale.
Imperva said it would acquire Skyfence and Incapsula, along with mainframe security auditing assets from Tomium in a move that will help extend its data center security strategy across the cloud.
Target will spend $100 million to equip its "REDcards" and store card readers in the U.S. with chip-enabled smart-card technology by the first quarter of 2015, more than six months ahead of previous plans.
St. Joseph Health System said it experienced a data security attack which exposed patient and employee data stored on server.
Security researcher Dana Taylor recounted what became a two-year odyssey between her and the company to fix software vulnerabilities in Oracle Forms and Reports.
Businesses need to understand they will experience a breach incident and plan accordingly how they would protect the data, a panel of experts said this week at a town hall event in honor of Data Privacy Day.
MongoHQ has added new security features, including the ability for customers to control and see who accesses their account, along with two-factor authentication and security auditing tools.
The Retail Industry Leaders Association (RILA) announced that it would help its members improve their cyber defenses by launching a new initiative to address cyber threats and promote further safeguards to protect payment data.

FEATURES, INSIGHTS // Data Protection

rss icon

Chris Hinkley's picture
For security professionals, PCI DSS 3.0 means that PCI compliance will become more of an everyday business practice, rather than an annual checklist obligation.
Gil Zimmermann's picture
As 2013 wanes, it makes sense take a few steps back and look at the state of the cloud and how it fits into the plans our customers and friends have been sharing with us. As we move through 2014, will your teams be driving new value, or responding to yesterday’s threats?
Torsten George's picture
What steps can be taken to implement and leverage incident response management as a valuable weapon for limiting material or reputational damages associated with data breaches?
Michael Callahan's picture
There are several steps companies can take on the server side to identify and disrupt brute force attacks.
Mike Tierney's picture
Much can be learned from airport security that can applied to dealing with insider threats. As a starting point, let’s compare two approaches to airport security – the US approach and the Israeli approach.
Gil Zimmermann's picture
What companies are realizing is that when it comes to information, people can ultimately decide what to share, who to share it with, and what network, application, or service they will use to do so.
Michael Callahan's picture
There’s more than functionality and availability issues ailing Healthcare.gov. There’s significant potential for compromise.
Gil Zimmermann's picture
Because free services often flies under the radar, IT and security teams are not actively monitoring for or thinking about these programs and frankly, can have little insight into their existence.
Mike Tierney's picture
It is difficult to argue against the fact that in today's world organizations need to deploy at least some level of activity monitoring to protect themselves against the insider threat, other cyber risks and productivity loss.
Dr. Mike Lloyd's picture
There are people ready to sell you all manner of intelligence feeds, but what use are they if you can’t pull them into a war room and correlate them with your real situation?