Pretty Good Privacy (PGP), the popular email privacy and authentication software is fundamentally broken and it's time for it to "die," says Matthew Green, a well known cryptographer and research professor at Johns Hopkins University.
The use of virtualized systems in a enterprise environments can provide many benefits, but these systems need some special attention paid to security, Symantec said in a new report examining threats to virtual environments.
Hypervisors have become an important part of enterprise environments and while they should normally reduce the attack surface, experts warn that they can be plagued by security vulnerabilities that could be leveraged by malicious actors.
Oracle has introduced Oracle Key Vault, a solution that allows customers to centrally manage encryption keys and assets including Oracle wallet files, Java KeyStores, Kerberos keytab files, SSH key files, and SSL certificate files.
Operation Epic Turla targeted intelligence agencies, government institutions, embassies, military groups, education institutions, and research and pharmaceutical companies in more than 45 countries, the security firm said on Thursday.
The fall of a high-profile CEO due to security concerns makes me envision a scenario where security is now given a more prominent role on the executive team, with more emphasis placed on avoiding the breach in the first place.
When performing incident response, an organization should proceed through various stages by following its incident response process. While all stages are important, when an enterprise is attacked, the highest priority quickly becomes moving rapidly from detection to containment.
When it comes to the security responsibilities of vendors, answers are still often behind where they need to be. What are some things to think about in the way you manage your security with your vendors?
When the development cycle moves quickly, it will often bypass security. When rapid development equates to shoehorning security controls in after the fact, we’re left with an approach that has potentially disastrous consequences.
The oversight for the protection of healthcare information is only getting tighter, and it is incumbent upon the security teams to ensure healthcare professionals have all the tools necessary to improve patient outcomes, while we worry about keeping the bad guys away.
While security monitoring generates big data, in its raw form it remains only a means to an end. Ultimately, information security decision making should be based on prioritized, actionable insight derived from the data.