Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

IBM adds intelligent orchestration capabilities to incident response platform and launches new threat and vulnerability management service [Read More]
The 2016 data breach that Uber made public in November 2017 impacted over 25 million riders and drivers in the United States, the Federal Trade Commission (FTC) reveals. [Read More]
Palo Alto Networks acquires Israel-based incident response firm Secdo. Financial terms not disclosed, but some reports say Palo Alto will pay $100 million [Read More]
Best Buy customers may have had their payment card data stolen as a result of the breach suffered by online services provider [24]7.ai. [Read More]
The need for improved automation to reduce the time for manual involvement also shows in users' top frustrations with current security solutions. [Read More]
Delta Air Lines, Sears Holdings and likely other major companies were affected by a payment card breach suffered last year by online services provider [24]7.ai [Read More]
Facebook said personal data on as many as 87 million users was improperly shared with British political consultancy Cambridge Analytica. [Read More]
Organizations are getting better at discovering breaches internally, with the detection time dropping to 57.5 days in 2017 from 80 days in 2016, according to FireEye’s Mandiant [Read More]
Intel will not release patches for some CPUs affected by Meltdown and Spectre, including Bloomfield (Xeon), Clarksfield, Gulftown, Harpertown Xeon, Jasper Forest, Penryn/QC, SoFIA 3GR, Wolfdale (Xeon) and Yorkfield (Xeon) [Read More]
Several natural gas pipeline operators in the United States affected by a cyberattack that hit a communications system provided by a third party [Read More]

FEATURES, INSIGHTS // Incident Response

rss icon

Marc Solomon's picture
The industry needs to share a common understanding of how to put threat intelligence into practice to address some of our thorniest security operations challenges.
Jim Ivers's picture
More vulnerabilities create more attacks; more attacks breed additional fatigue. So how can we wake up and fix the problems creating such a widespread headache?
Lance Cottrell's picture
Discussions around hacking back in Congress today rely on analogies that are too simple and use examples focused on physical self-defense that fail to capture the true nature of online interactions.
Marc Solomon's picture
It isn’t sufficient for security teams to prevent, detect and respond to attacks. Security teams also must be able to proactively investigate and understand what the latest, large-scale cyber campaign means to their organization.
Justin Fier's picture
When we look at this cycle of stealthy and silent data breaches, we have to ask ourselves: how can such tremendous amounts of data leave our corporate networks without raising any alarms?
Alastair Paterson's picture
Security teams need visibility outside the organization and across the widest range of data sources possible to mitigate digital risk and better protect the organization.
Steven Grossman's picture
Identifying those kinds of repeated non-malicious behaviors amongst a group of peers can help identify broken business processes that are requiring employees to violate policy in order to do their job.
Stan Engelbrecht's picture
Post-incident activity is the often-neglected phase where organizations try to answer the questions of what happened, why, and how can we make sure it doesn’t happen again?
David Holmes's picture
Take a step back and realize that cryptocurrency mining is really just another form of malware, which is something you should be good at finding already.
Stan Engelbrecht's picture
Responding to an incident can require extreme time-sensitivity and when tensions are running high, it’s easy to miss something important along the way.