Security Experts:

long dotted


CloudLock announced the launch of CloudLock Selective Encryption, a new cloud-based encryption solution that enables enterprises to protect data stored across multiple SaaS and public cloud platforms.
CrowdStrike's Endpoint Activity Monitoring (EAM) helps customers gain real-time insight into attacks and explore the rich Stateful Execution Inspection data collected by sensors.
McAfee has shared details on a soon to be released threat sharing platform designed to help security teams develop and customize a threat intelligence solution from global data sources.
Researchers from Adallom say they have discovered an unusual variant of the Zeus Trojan that targets users.
More than half of the respondents in a new survey cited key management as a major issue, ranking it as a '7' on a 10 point scale.
Imperva said it would acquire Skyfence and Incapsula, along with mainframe security auditing assets from Tomium in a move that will help extend its data center security strategy across the cloud.
Target will spend $100 million to equip its "REDcards" and store card readers in the U.S. with chip-enabled smart-card technology by the first quarter of 2015, more than six months ahead of previous plans.
St. Joseph Health System said it experienced a data security attack which exposed patient and employee data stored on server.
Security researcher Dana Taylor recounted what became a two-year odyssey between her and the company to fix software vulnerabilities in Oracle Forms and Reports.
Businesses need to understand they will experience a breach incident and plan accordingly how they would protect the data, a panel of experts said this week at a town hall event in honor of Data Privacy Day.

FEATURES, INSIGHTS // Data Protection

rss icon

Nimmy Reichenberg's picture
With the release of PCI-DSS 3.0, organizations have a framework for payment security as part of their business-as-usual activities by introducing more flexibility, and an increased focus on education, awareness and security as a shared responsibility.
Chris Hinkley's picture
For security professionals, PCI DSS 3.0 means that PCI compliance will become more of an everyday business practice, rather than an annual checklist obligation.
Gil Zimmermann's picture
As 2013 wanes, it makes sense take a few steps back and look at the state of the cloud and how it fits into the plans our customers and friends have been sharing with us. As we move through 2014, will your teams be driving new value, or responding to yesterday’s threats?
Torsten George's picture
What steps can be taken to implement and leverage incident response management as a valuable weapon for limiting material or reputational damages associated with data breaches?
Michael Callahan's picture
There are several steps companies can take on the server side to identify and disrupt brute force attacks.
Mike Tierney's picture
Much can be learned from airport security that can applied to dealing with insider threats. As a starting point, let’s compare two approaches to airport security – the US approach and the Israeli approach.
Gil Zimmermann's picture
What companies are realizing is that when it comes to information, people can ultimately decide what to share, who to share it with, and what network, application, or service they will use to do so.
Michael Callahan's picture
There’s more than functionality and availability issues ailing There’s significant potential for compromise.
Gil Zimmermann's picture
Because free services often flies under the radar, IT and security teams are not actively monitoring for or thinking about these programs and frankly, can have little insight into their existence.
Mike Tierney's picture
It is difficult to argue against the fact that in today's world organizations need to deploy at least some level of activity monitoring to protect themselves against the insider threat, other cyber risks and productivity loss.