Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

ZombieLoad, RIDL and Fallout: Intel processors are vulnerable to more speculative execution side-channel attacks that can allow malware to obtain sensitive data. [Read More]
NIST’s National Cybersecurity Center of Excellence (NCCoE) is working on an industrial IoT (IIoT) security project for the energy sector. [Read More]
Experts called on 5G providers Friday to heed supply chain security in light of concerns about technology providers such as China's Huawei, recently banned by the US government. [Read More]
2020 presidential campaigns are preparing for cyber threats, which includes training, mandatory use of 2FA, and phishing simulations. [Read More]
A denial-of-service (DoS) attack has been blamed for disrupting US electrical grid operations in the Western region. [Read More]
SAP users have been warned that the risk of attacks involving some old configuration issues has increased significantly after researchers released PoC exploits. [Read More]
The United States on Thursday urged "like-minded governments" from the European Union to be cautious and coordinate their policies on 5G network security in light of suspicions over the system proposed by Chinese giant Huawei. [Read More]
Researchers at Tenable discover 15 vulnerabilities across 8 wireless presentation systems, including flaws that can be exploited to hijack devices. [Read More]
The DHS’s new Binding Operational Directive 19-02 instructs federal agencies and departments to patch critical security vulnerabilities within 15 days and high-severity vulnerabilities within 30 days. [Read More]
A majority of the 2020 US presidential campaigns are vulnerable to sophisticated email attacks, according to a study conducted by email security firm Agari. [Read More]

FEATURES, INSIGHTS // Risk Management

rss icon

Gunter Ollmann's picture
CISOs should invest time in applying the resources of public cloud to bring automation, scalability, and AI to solving the given problem as a platform for all customers – past, present, and future.
Justin Fier's picture
As innovative attacks continue to expand the purview of cyber security, helping CISOs means equipping them with equally innovative tools that stand a fighting chance.
Josh Lefkowitz's picture
It can be difficult for teams to determine how to obtain and incorporate data from encrypted chat service platforms into their collection strategies in a meaningful way.
Alastair Paterson's picture
While no digital risk framework is perfect, the optimal level of maturity will look to continually identify gaps, update processes and tooling, and reflect organizational changes.
Josh Lefkowitz's picture
The best way for intelligence practitioners to identify what types of context their intelligence consumers truly need is simply to ask them.
Alastair Paterson's picture
By understanding where assets are exposed, their value to attackers, and how attackers target this data, organizations can make better decisions about their defenses and improve them over time.
Josh Lefkowitz's picture
Josh Lefkowitz shares—and debunks—some of the most persistent and misleading BRI fallacies he has heard over the years.
Alastair Paterson's picture
Organizations’ perimeters will continue to erode as their digital footprints expand, but with the right risk protection strategy any organization can succeed in the age of digital transformation.
Grady Summers's picture
Companies in China are facing many of the same threats that your organization faces today, but they are addressing these threats at a massive scale, on emerging platforms, and with innovative approaches that we can learn from.
Marc Solomon's picture
The ability to customize threat intelligence scores allows you to prioritize threats to your organization and reevaluate and reprioritize as new data and context becomes available.