Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

Flashpoint announces new service designed to help organizations respond and prepare for ransomware and other cyber extortion incidents [Read More]
US formally lifts a crippling ban on exports to China's ZTE, rescuing the smartphone maker from the brink of collapse after it was denied key components [Read More]
Department of Defense (DoD) IT managers say the DoD needs to improve the use of cloud to maintain the military’s technical advantage and support mission success. [Read More]
Security ratings pioneer BitSight announced the closing of a $60 million Series D funding round that brings the company’s total funding to $155 million. [Read More]
The UK government's Cabinet Office has published the first iteration of its Minimum Cyber Security Standard, which will be incorporated into the Government Functional Standard for Security. [Read More]
Wiretap's Behavior Risk Analysis Report demonstrates that risky user communications are even more likely to occur in the relative privacy of collaboration tools than in traditional communication systems such as email. [Read More]
Researchers demonstrate how installing a malicious battery into a smartphone can allow attackers to harvest and exfiltrate sensitive data [Read More]
Intel Core processors affected by LazyFP vulnerability similar to Meltdown. Patches being developed, but many systems already not impacted [Read More]
Kaspersky suspends its collaboration with Europol and the NoMoreRansom initiative after the EU voted a resolution that describes the company’s software as “malicious” [Read More]
Australia will help fund and build an underseas communications cable to the Solomon Islands after the Pacific nation was convinced to drop a contract with Chinese company Huawei over security concerns [Read More]

FEATURES, INSIGHTS // Risk Management

rss icon

Josh Lefkowitz's picture
It’s imperative that security practitioners acknowledge the often-confusing nature of insider threat, seek to dispel misconceptions, and provide clear, accurate insight whenever possible.
Alastair Paterson's picture
Threat modeling is an iterative process that needs to be updated whenever there are substantial changes to either assets or threats.
Preston Hogue's picture
Securing applications and understanding vulnerabilities in code and IT systems will always be important. But today security pros must open their eyes to a much bigger picture.
Josh Lefkowitz's picture
With so many intelligence teams blinded by vast amounts of data and an overwhelmingly complex threat landscape, establishing the right intelligence requirements (IRs) can be challenging.
Joshua Goldfarb's picture
There are quite a few ways in which enterprises can look to properly evaluate various Vendor Risk Management (VRM) offerings and differentiate between them.
Bradon Rogers's picture
While a contract, distributed, partner-oriented workforce and supply chain can create serious risks to your organization, careful implementation of visibility and data protection strategies can help you mitigate many of the risks.
Josh Lefkowitz's picture
Before finalizing a vendor relationship, it’s crucial to construct a response plan in preparation for any future incidents the vendor might experience.
Rafal Los's picture
If you're not careful, security becomes a hinderance and a target. Where security leaders create inflexible environments, security tends to struggle.
Steven Grossman's picture
Without an understanding of where you stand today, new security tools will result in more redundancy and gaps in protection.
Ashley Arbuckle's picture
Edna Conway, Cisco’s Chief Security Officer, Global Value Chain, discusses mitigating third-party security risk across an ecosystem that includes tens of thousands of partners located around the globe.