Security Experts:

Security Infrastructure
long dotted

NEWS & INDUSTRY UPDATES

According to the 2017 State of Security Operations report, 82% of SOCs worldwide are failing to meet the maturity level necessary to provide optimum security and efficiency. [Read More]
The number of data breaches disclosed in the United States increased by 40 percent in 2016 compared to the previous year, said ITRC and CyberScout [Read More]
The DHS has improved its information security program, but an OIG evaluation still uncovered problems at the agency and its components [Read More]
Docker recently resolved a runc privilege escalation vulnerability that could be exploited by a malicious program to escape container and access the host. [Read More]
Following a series of ransom attacks against MongoDB and Elasticsearch databases in recent weeks, many users of CouchDB and Hadoop are now finding their databases ar under attack as well. [Read More]
US-CERT issues a warning after the Shadow Brokers group has offered to sell what it claims to be an SMB zero-day exploit [Read More]
Many critical infrastructure organizations have had their IT networks breached. Does that mean their control systems are also vulnerable to attacks? [Read More]
Shape Security predicts that credential stuffing will become a major issue during 2017 as the 3.3 billion credentials spilled in 2016 work their way through the criminal system. [Read More]
Unpatched vulnerabilities in the McDonald’s website expose user passwords to phishing attacks [Read More]
Some third-party applications unnecessarily store keys or secrets that could be abused to leak a variety of user credentials and other type of sensitive data, software security startup Fallible warns. [Read More]

FEATURES, INSIGHTS // Security Infrastructure

rss icon

Ashley Arbuckle's picture
The healthcare industry has a lot to gain by digital transformation. However it also has a lot to lose if it doesn’t start with security as a foundation.
Marc Solomon's picture
Analysts must work together and across the organization to provide the right intelligence in the right format and with the right frequency so that it can be used by multiple teams.
Lance Cottrell's picture
When properly integrated, detection, response, and prevention reinforce each other, each making the other more effective.
Travis Greene's picture
Whether US government officials improve their handling of classified information in the new administration or not, industry can certainty learn from the blunders and reduce risks.
Torsten George's picture
While machine learning can help reduce time-to-remediation, will it ever be able to autonomously protect organizations against cyber-attacks?
Avi Chesla's picture
Our cybersecurity ecosystem needs to be simplified – this is a fundamental challenge that the industry has avoided talking about. This need for simplification is what lies at the core of “Security Abstraction “
Joshua Goldfarb's picture
While sprinting from distraction to distraction may fool some people, it won’t fool nearly enough to justify the risk it introduces into your organization.
Alan Cohen's picture
Organizations of any size can do one important thing to help address this challenge: better segment their interior networks and data center operations.
Adam Meyer's picture
While organizations can’t really impact cybercriminals’ intent or capability, placing greater focus on reducing the bad guys’ opportunity - especially as the level of presence is growing - should be at the top of your security to-do list in 2017.
Ken McAlpine's picture
Dozens of isolated security tools and platforms, regardless of how relevant they are to new cloud-based networks, create their own problem.