Security Experts:
LATEST SECURITY NEWS HEADLINES
NEWS & INDUSTRY UPDATES
CrowdStrike is elbowing its way into new security markets with a planned acquisition of attack surface management startup Reposify and a strategic investment in API security vendor Salt Security. [Read More]
By understanding current ROI it is easier to justify future cost because you know the value. But this is a problem: how do you measure or quantify RoI in cybersecurity spend? [Read More]
Ride sharing giant Uber is downplaying the impact from a devastating security breach that included the theft of employee credentials, access to the HackerOne bug bounty dashboard and data from an internal invoicing tool. [Read More]
Industry professionals comment on the new guidance from the US government asking for security guarantees from software vendors. [Read More]
The non-profit foundation is building a team to proactively identify and address security defects in the popular Rust programming language. [Read More]
The White House wants software developers that provide products and services to the government to guarantee that security requirements are met. [Read More]
Dig Security’s latest financing comes as venture capital investors rush to place bets on startups jostling for space in the cloud data security space. [Read More]
Microsoft says its security teams have detected zero-day exploitation of a critical vulnerability in its flagship Windows platform. [Read More]
The new sanctions designate Iran’s Ministry of Intelligence and Security (MOIS) and its Minister of Intelligence for engaging in cyber-enabled activities against the United States and its allies. [Read More]
Microsoft security teams share details on ransomware attacks linked to DEV-0270, a subgroup of Iran-linked Phosphorus. [Read More]
- 1 of 151
- ››
FEATURES, INSIGHTS // Risk Management
The Defense Readiness Index is a reliable alternative for assessing a security team’s skill level, developing a roadmap for improving cyber competencies, and reaching the optimal level of cyber security readiness.
The surge of cyber attacks in 2021 was a wake-up call for consumers, who felt the firsthand effects that can result from a breach.
Organizations need to look beyond preventive measures when it comes to dealing with today’s ransomware threats and invest in ransomware response, which improves their ability to prepare and quickly recover endpoints from ransomware attacks.
Many think open source intelligence is just another name for better googling. They are wrong. Good open source and threat intelligence are derived from three core capabilities.
Vendor agnostic technology, married with actionable, globally-sourced, and continually evolving intelligence, augmented by humans, is needed to defend our enterprises.
There are areas where governments can learn from the private sector and vice-versa, which will help both sides adapt more quickly and effectively to a continuously evolving threat environment.
Schools should take measures to identify and secure sensitive data, keep devices up-to-date, and ensure that their endpoint security controls are working.
The rise of social engineering tactics as well as risks associated with embedded vulnerabilities in contractor networks makes keeping this technology confidential and out of the hands of adversaries increasingly difficult.
Cyber resiliency measures (i.e., architectural design, technologies, operational practices) assume that today’s threat actors can achieve a foothold in an organization’s infrastructure and in turn post-exploit activities must be contained and eliminated.
The security industry must commit to a risk-based approach that understands the specific attacks and actors targeting their industry and profile.
- 1 of 37
- ››
Get the Daily Briefing
- NSA Cyber Specialist, Army Doctor Charged in US Spying Cases
- North Korean Gov Hackers Caught Rigging Legit Software
- Investors Bet on Ox Security to Guard Software Supply Chains
- More Than Half of Security Pros Say Risks Higher in Cloud Than On Premise
- Details Disclosed After Schneider Electric Patches Critical Flaw Allowing PLC Hacking
- Australia Flags Tough New Data Protection Laws This Year
- Drupal Updates Patch Vulnerability in Twig Template Engine
- Hackers Possibly From China Using New Method to Deploy Persistent ESXi Backdoors
- Auth0 Finds No Breach Following Source Code Compromise
- Multi-Cloud Networks Require Cloud-Native Protection
Copyright © 2022 Wired Business Media. All Rights Reserved. Privacy Policy