Security Experts:

WRITE FOR US

LATEST SECURITY NEWS HEADLINES

rss icon

Trump, Johnson Talk Security Ahead of Huawei Decision
Cisco Webex Vulnerability Exploited to Join Meetings Without a Password
Questions Linger Over Investigation Into Jeff Bezos' Hacking
Greece: Government Websites Hit by Cyberattack
Microsoft Releases Azure Security Benchmark
long dotted

NEWS & INDUSTRY UPDATES

Industry Reactions to Crypto Vulnerability Found by NSA: Feedback Friday
Industry professionals comment on the Windows crypto vulnerability patched this week by Microsoft and the NSA’s decision to disclose the flaw. [Read More]
Siemens Warns of Security Risks Associated With Use of ActiveX
Siemens has addressed several vulnerabilities this week and warned organizations about the security risks associated with the use of ActiveX in industrial products. [Read More]
Cloudflare Announces Free Security Services for Political Campaigns
Cloudflare has announced a suite of services for the cyber-protection of political campaigns in the United States and worldwide. [Read More]
Many High-Risk Users Have Bad Security Habits: Google Survey
High-risk users are aware that they are more likely to be targeted by hackers compared to the general population, but many of them still have bad security habits, a Google survey shows. [Read More]
Google Simplifies Enrollment Process for Advanced Protection Program
Google has simplified the enrollment process for its Advanced Protection Program and it now allows users to activate a security key on their iPhone. [Read More]
Hundreds of Millions of PCs Remain Vulnerable as Windows 7 Reaches End of Life
Windows 7 has reached end of life, but hundreds of millions of PCs worldwide still run the operating system, which leaves them at increased risk of cyberattacks. [Read More]
New Bill Would Prohibit Intelligence Sharing With Countries That Use Huawei
A bill introduced by Senator Tom Cotton would ban the sharing of intelligence with countries that use Huawei technologies in their 5G networks. [Read More]
Threat Posed by Iran to Industrial Systems After Killing of Top General
Cybersecurity professionals comment on the threat posed by Iran to critical infrastructure and industrial control systems (ICS) after the US killed Iranian general Qassem Soleimani. [Read More]
MITRE Releases ATT&CK Knowledge Base for Industrial Control Systems
MITRE released a version of its ATT&CK knowledge base that is specifically designed for industrial control systems (ICS). [Read More]
DHS Warns of Possible Iranian Cyberattacks After Killing of Qassem Soleimani
The US Department of Homeland Security has issued warnings about the possibility of cyberattacks launched by Iran in response to the killing of Qassem Soleimani. [Read More]

FEATURES, INSIGHTS // Risk Management

rss icon

AJ Nash's picture
Graduation Day: From Cyber Threat Intelligence to Intelligence
AJ Nash - Risk Management
Once we shed the shackles of “cyber” and “threat,” we free our teams to consider a full spectrum of intelligence, including support to physical security, insider threats, procurement, mergers and acquisitions, and executive decision-making.
Read full story
Fred Kneip's picture
It's Time for the C Suite and Boards to Truly Engage in Third-Party Cyber Risk Management
Fred Kneip - Risk Management
While some forward-thinking companies have created c-suite positions for IT and security personnel such as CTOs and CISOs, these are, overall, still relatively rare.
Read full story
Josh Lefkowitz's picture
Don't Overlook the Importance of Feedback in an Intelligence Operation
Josh Lefkowitz - Risk Management
The successful execution of each step of the intelligence cycle relies on the successful execution of the step that came before it.
Read full story
Fred Kneip's picture
Most Companies Don't Properly Manage Third-Party Cyber Risk
Fred Kneip - Risk Management
Third party cyber risk management programs need to go beyond an initial scan and evaluate your third party’s security from the inside out.
Read full story
Josh Lefkowitz's picture
Don't Let Annual Predictions Overshadow the Need for Iterative Security
Josh Lefkowitz - Risk Management
It’s crucial to recognize that annual security predictions generally only include that which can be feasibly predicted by the final months of the prior year.
Read full story
Marie Hattar's picture
Clean Up Your Act with Better Cyber Hygiene
Marie Hattar - Risk Management
The solution: every week, devote at least two hours to basic cyber hygiene. Four best practices will help your team build habit from repetition.
Read full story
Joshua Goldfarb's picture
Tips for Leveraging Security Metrics
Joshua Goldfarb - Risk Management
Security metrics is a topic that, while challenging, is also important and at the top of the priority list for security organizations. Here are five tips for leveraging security metrics to keep your organization out of the lion’s den.
Read full story
Craig Harber's picture
Gaining a Decisive Advantage in the Cyber Battle
Craig Harber - Risk Management
As long as organizations continue to employ simplistic “set it and forget it” security approaches, they will be forced into playing reactive, catch-up defense against cyber attackers.
Read full story
Fred Kneip's picture
Best Practices for Evaluating and Vetting Third Parties
Fred Kneip - Risk Management
Employing a third party adds risk, especially if that company is given some level of access to network and computing resources, or is asked to handle and protect critical or proprietary information.
Read full story
Marc Solomon's picture
True Awareness for National Cybersecurity Awareness Month
Marc Solomon - Incident Response
National Cybersecurity Awareness Month (NCSAM) is a great vehicle to raise awareness for cybersecurity and to remind every organization that the ability to improve security operations begins with contextual awareness.
Read full story