
Management & Strategy

NEWS & INDUSTRY UPDATES

Grammarly launches public bug bounty program with standard rewards of up to $3,000 for critical vulnerabilities.
A report on the massive Equifax data breach that impacted 148 million Americans echoes what has been widely known since shortly after the breach was disclosed: it could have been prevented with basic security measures.
Super Micro says it has conducted a thorough investigation following the recent Bloomberg report, but claims it has found “absolutely no evidence of malicious hardware” on its motherboards.
Researchers at InfoArmor discovered an exposed database that contained extensive personal data for 120 million Brazilians.
Italian oil and gas services company Saipem hit by a cyberattack. The firm is working on restoring affected systems while trying to determine who was behind the attack.
Organizations are getting better at detecting breaches on their own, but it still takes them a long time to do it, according to a new report from CrowdStrike.
Google will close the consumer version of its online social network sooner than originally planned due to the discovery of a new software bug.
The Tor Project, the organization behind the Tor anonymity network, publishes financial documents showing revenues of over $4 million in 2017.
The Linux.org community website was defaced after someone hacked its registrar account and hijacked DNS settings.
The European Union and its citizens should be "worried" about telecoms giant Huawei and other Chinese firms that cooperate with Beijing's intelligence services, official warns.

FEATURES, INSIGHTS // Management & Strategy

Laurence Pitt
Failure to implement basic cybersecurity hygiene practices will leave retailers vulnerable to damage and fines during a lucrative time for their businesses.
Alastair Paterson
As you develop a brand protection program, here are five concrete things you can do now to proactively identify and mitigate risk to your brand.
Lance Cottrell
It is important to take a systematic approach to creating your Security Advisory Board (SAB). Don’t just invite the smartest, most famous people you happen to know and like.
Marc Solomon
How do we break this wasteful cycle and enable teams and technologies to reduce instances of false positives? The answer lies in prioritization and learning.
Josh Lefkowitz
It’s relatively commonplace for CTI and incident response teams to establish a coordinated response plan in preparation for a cyber attack, but—as demonstrated by WannaCry—it’s imperative for physical security teams to be involved in such plans as well.
Stan Engelbrecht
By highlighting phishing, which causes so many headaches for all of us security professionals, you can see just how much of a game-changer automation can be for any SOC or CSIRT.
Joshua Goldfarb
Organizations need to continually evaluate where each effort stands in relation to its allotted budget and schedule, along with the value it brings to the organization’s security posture.
Mike Fleck
A small business with one person running all of IT cannot defend against cyber-attacks from the North Korean military with the same vigor as Lockheed Martin or Northrop Grumman.
Marc Solomon
Adversaries are increasingly masterful at taking advantage of these seams between technologies and teams to infiltrate organizations and remain below the radar.
Torsten George
Like the NIST Cybersecurity Framework, it integrates relevant regulations (e.g., HIPAA) and standards (NIST 800-53, ISO 27001, PCI DSS) into a single overarching security framework.