Security Experts:

Management & Strategy
long dotted

NEWS & INDUSTRY UPDATES

The European Commission has no evidence of issues associated with using Kaspersky Lab’s products, a document published this week reveals. [Read More]
One of Idaho’s largest insurance companies, Blue Cross of Idaho, said someone hacked its website and obtained access to the personal information of about 5,600 customers, including their names, claim payment information and codes indicating medical procedures they may have undergone. [Read More]
Norwegian aluminum giant Norsk Hydro has made significant progress in restoring operations following the recent LockerGoga attack, but the incident has forced the company to delay its Q1 2019 financial report. [Read More]
FireEye releases an open source tool designed to automate the analysis of Adobe Flash files to identify malware and prevent infections. [Read More]
Intel adds Hardware Shield security feature to its new 8th Gen Intel Core vPro mobile processors to protect devices against firmware attacks. [Read More]
Hackers breached Microsoft email services (Outlook.com, Hotmail, MSN) and accessed user accounts after compromising a support agent’s credentials. [Read More]
A security configuration framework for Windows 10 unveiled by Microsoft this week defines five different levels of discrete prescriptive security configurations. [Read More]
Matrix.org, an open source project for secure and decentralized communications, had its systems hacked and its website defaced. The hacker then revealed the security issues he found. [Read More]
Facebook and Google have wrapped up the first edition of their BountyCon Asia-Pacific bug hunting conference, which resulted in $120,000 awarded in bounties. [Read More]
Feedback Friday: Industry professionals comment on the news that the group behind the Triton/Trisis malware has hit an additional critical infrastructure facility. [Read More]

FEATURES, INSIGHTS // Management & Strategy

rss icon

Torsten George's picture
Shifting traditional perimeter-based enterprise security strategies to a Zero Trust approach provides more robust prevention, detection, and incident response capabilities to protect continuously expanding attack surfaces.
Joshua Goldfarb's picture
There are certainly no shortcuts and no easy fixes for retaining top security talent. While the list of recommendations on this topic is lengthy, showing security talent that it is respected is high on that list.
Marc Solomon's picture
Like the teams that progress through to the NCAA National Championship, you’ve now pared down “the threat landscape” to “your threat landscape” and set yourself up for success.
Gunter Ollmann's picture
As malware writers harness AI for cybercrime, the security industry must push forward with a new generation of dissection and detonation technologies to prepare for this coming wave.
Josh Lefkowitz's picture
It can be difficult for teams to determine how to obtain and incorporate data from encrypted chat service platforms into their collection strategies in a meaningful way.
Alastair Paterson's picture
While no digital risk framework is perfect, the optimal level of maturity will look to continually identify gaps, update processes and tooling, and reflect organizational changes.
Torsten George's picture
The anatomy of a hack has been glorified and led to the common belief that data breaches typically exploit zero-day vulnerabilities and require a tremendous amount of code sophistication.
Joshua Goldfarb's picture
If we want our security teams to master the art of stumbling onto great findings, we need to create the right surroundings to foster that.
Grady Summers's picture
Unlike buzzwords from prior years at RSA Conference, this year’s buzzwords are all throwbacks of sorts. They represent a return to fundamentals of information security.
Stan Engelbrecht's picture
Here are a few observations from my time at RSAC 2019 about SOAR and the cybersecurity world at large.