Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

A major exercise whose goal was to test the cyber and physical security of North America’s grid has enabled the energy industry and governments to review and improve incident response plans and collaboration. [Read More]
Backend operation services provider InfoTrax Systems has reached a settlement with the FTC over a data breach discovered in 2016. [Read More]
Canada's spy agencies are divided over whether or not to ban Chinese technology giant Huawei from fifth generation (5G) networks over security concerns. [Read More]
Cybersecurity firm Proofoint has agreed to acquire ObserveIT, a Boston, Mass.-based provider of insider threat management solutions. [Read More]
FireEye surveyed over 800 cybersecurity executives from around the world and most of them believe cybersecurity solutions are either inexpensive or their cost is reasonable for the value they provide. [Read More]
Proton Technologies, the company behind the privacy-focused email service ProtonMail, has made available the source code of its iOS client application. [Read More]
China on Tuesday blasted as "economic bullying" a US proposal to block telecom carriers buying from Chinese tech companies Huawei and ZTE. [Read More]
Two senior US senators called for the government to study national security risks possibly posed by Chinese-owned video app TikTok, saying it could leave American users vulnerable to Beijing's spying. [Read More]
Some of the recent cybersecurity incidents involving industrial control systems (ICS) have resulted in injury and even loss of life, according to a survey. [Read More]
Several major tech and cybersecurity firms launch the Operational Technology Cyber Security Alliance (OTCSA), which aims to help organizations address OT security challenges. [Read More]

FEATURES, INSIGHTS // Risk Management

rss icon

Josh Lefkowitz's picture
The successful execution of each step of the intelligence cycle relies on the successful execution of the step that came before it.
Fred Kneip's picture
Third party cyber risk management programs need to go beyond an initial scan and evaluate your third party’s security from the inside out.
Josh Lefkowitz's picture
It’s crucial to recognize that annual security predictions generally only include that which can be feasibly predicted by the final months of the prior year.
Marie Hattar's picture
The solution: every week, devote at least two hours to basic cyber hygiene. Four best practices will help your team build habit from repetition.
Joshua Goldfarb's picture
Security metrics is a topic that, while challenging, is also important and at the top of the priority list for security organizations. Here are five tips for leveraging security metrics to keep your organization out of the lion’s den.
Craig Harber's picture
As long as organizations continue to employ simplistic “set it and forget it” security approaches, they will be forced into playing reactive, catch-up defense against cyber attackers.
Fred Kneip's picture
Employing a third party adds risk, especially if that company is given some level of access to network and computing resources, or is asked to handle and protect critical or proprietary information.
Marc Solomon's picture
National Cybersecurity Awareness Month (NCSAM) is a great vehicle to raise awareness for cybersecurity and to remind every organization that the ability to improve security operations begins with contextual awareness.
Josh Lefkowitz's picture
Here’s a crash-course on the intelligence cycle and how you can apply and derive value from its core principles—no matter your role or security discipline:
Torsten George's picture
Until government agencies start implementing identity-centric security measures, account compromise attacks will continue to provide a perfect cover for data breaches.