Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

The IPv6 guidance provides federal agencies with information on IPv6 and its security features, along with security considerations on the network protocol. [Read More]
Fast-growing insurance firm Acrisure announced a new cyber services division that will allow the company to provide customers with a portfolio of solutions to help address some of the most pressing cyber risks. [Read More]
Threat hunters at Kaspersky have spotted a well-known Chinese APT actor using an UEFI implant to maintain stealthy persistence across reboots, disk formatting or disk replacements. [Read More]
U.S. President Joe Biden has signed a new national security memorandum focusing on the implementation of the cybersecurity requirements of an executive order issued in 2021. [Read More]
Google researcher documents a pair of Zoom security defects and chides the company for missing a decades-old anti-exploit mitigation. [Read More]
A vulnerability in Box's implementation of multi-factor authentication (MFA) allowed attackers to take over accounts without needing access to the target's phone. [Read More]
Supply chain cyberattacks are not a new idea, but have been taken to new levels of sophistication and frequency in recent years. This growth will continue through 2022 and beyond. [Read More]
Security researchers document vulnerabilities in AWS CloudFormation and AWS Glue that could be abused to leak sensitive files and access other customer’s data. [Read More]
Federal Communications Commission (FCC) Chairwoman Jessica Rosenworcel proposes strengthening rules around telecom providers’ reporting of data breaches. [Read More]
Mozilla fixes multiple high-severity vulnerabilities with the release of Firefox 96, Firefox ESR 91.5, and Thunderbird 91.5. [Read More]

FEATURES, INSIGHTS // Risk Management

rss icon

Gordon Lawson's picture
The rise of social engineering tactics as well as risks associated with embedded vulnerabilities in contractor networks makes keeping this technology confidential and out of the hands of adversaries increasingly difficult.
Torsten George's picture
Cyber resiliency measures (i.e., architectural design, technologies, operational practices) assume that today’s threat actors can achieve a foothold in an organization’s infrastructure and in turn post-exploit activities must be contained and eliminated.
Landon Winkelvoss's picture
The security industry must commit to a risk-based approach that understands the specific attacks and actors targeting their industry and profile.
Marie Hattar's picture
It is a good idea to assume that your network has already been breached, even if no overtly malicious notifications have surfaced.
Marc Solomon's picture
You risk limiting the value you can derive from your next security investment without first thinking about your top use cases and the capabilities needed to address them.
Torsten George's picture
While it might be overwhelming to look at the critical threats on the horizon you need to prepare for, focusing on these predictions for 2022 will help you strengthen your security posture and minimize your organization’s risk exposure.
Torsten George's picture
Before the next Cybersecurity Awareness Month comes along, companies across all industries should consider moving to a Zero Trust approach, powered by additional security measures such as MFA and endpoint resilience.
William Lin's picture
While there still isn’t a clear industry-accepted answer to Vendor risk management (VRM), there has been more interest in staying on top of and learning about the latest in this space.
Landon Winkelvoss's picture
In addition to evaluating the core capabilities and range of intelligence monitoring, organizations must consider data source integrity, and perhaps most importantly, the level of expert analysis included with each service.
Keith Ibarguen's picture
Far too many engineers in the trenches don’t take the time to lift their heads to see context, so when good (and bad) things happen, this is a great management opportunity that you should take full advantage of.