Management & Strategy
McAfee acquires NanoSec to strengthen the container security capabilities of its MVISION Cloud and MVISION Server Protection products.
Apple is making its bug bounty program public, it’s expanding it to cover macOS and other products, and it’s increasing the top reward to $1 million.
Researchers have catalogued most known Windows process injection techniques and discovered a new one, which they say is stealthy and can bypass all Microsoft protections.
The United States unveiled rules on formally banning technology giant Huawei and other Chinese firms from government contracts in the latest move in the countries' escalating trade war.
Vulnerabilities in Microsoft’s Azure cloud services are now worth up to $40,000, and a new security testing environment gives researchers the chance to conduct aggressive tests and earn $300,000.
Global privacy regulators joined forces Tuesday to demand guarantees from Facebook on how it will protect users' financial data when it launches its planned cryptocurrency, Libra.
Several major industrial and automation solutions providers have responded to the Wind River VxWorks vulnerabilities dubbed Urgent/11.
Leaders of House and Senate committees want Capital One and Amazon to explain how a hacker accessed information on more than 100 million Capital One credit card customers and applicants.
Tom Kellermann argues that defenders need to recognize the new reality and to start thinking about a modern persistent cognitive attack loop rather than a linear attack chain.
With the school year beginning next week, a fourth Louisiana school district is assessing damage caused by hackers targeting its computer network.

FEATURES, INSIGHTS // Management & Strategy

Stan Engelbrecht
What does the cyber kill chain have to do with Sherlock Holmes, and this quote in particular?
Ashley Arbuckle
While we can’t turn our attention away from gathering data, we must devise new ways to deal with the onslaught of data. Humans simply can’t keep up, and the problem is getting worse.
Marc Solomon
The security market has become confusing and it is not about the product or technology to be used; it is about solving a specific problem.
Josh Lefkowitz
Many businesses either don’t have a risk appetite statement, or they have one that was developed without input and guidance on cyber risk from the CISO.
Torsten George
A gradual improvement in cyber hygiene can go a long way toward keeping an organization immune from security infections and minimizing the risk of falling victim to a cyber-attack.
Laurence Pitt
Creating and maintaining a successful security strategy is not a simple task, but with the right sponsorship and external resources, it does not have to be a negative experience.
Joshua Goldfarb
Josh Goldfarb discusses some of the connections between the information security profession and the magical days of summer vacation.
Marc Solomon
Security teams have more internal system data than they know what to do with from sources including the SIEM system, log management repository, case management systems and security infrastructure. Security analysts struggle to make sense of too much data.
Josh Lefkowitz
Request for intelligence (RFI) services have quickly become both ubiquitous and prone to misleading claims in the threat intelligence market.
Stan Engelbrecht
Security teams need to incorporate intent-based response, behavior-based detection, and a kill chain perspective to get a step ahead of their adversaries.