Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

Sen. Ron Wyden has raised concerns about the ability of intelligence agencies to protect secrets and has asked the director of national intelligence about steps taken to improve cybersecurity. [Read More]
Amnesty International warns that contact-tracing technology developed to contain the novel coronavirus threatens users' privacy, highlighting Bahraini, Kuwaiti and Norwegian apps as "among the most dangerous". [Read More]
The US is letting blacklisted Chinese technology giant Huawei back into the fold when it comes to companies working together to set standards for 5G telecom networks. [Read More]
San Francisco, CA-based attack surface management firm RiskIQ has raised $15 million in a Series D funding round led by National Grid Partners (NGP). [Read More]
Zoom says it will not offer end-to-end encryption to free users so that the FBI or local law enforcement can conduct investigations. [Read More]
Britain said Friday it was pushing the United States to form a club of 10 nations that could develop its own 5G technology and reduce dependence on China's controversial telecoms giant Huawei. [Read More]
The NSA has published information on the targeting of Exim mail servers by the Russia-linked threat actor known as Sandworm Team. [Read More]
The FTC has approved a settlement with Canadian smart lock maker Tapplock, which allegedly falsely claimed that its devices were designed to be “unbreakable.” [Read More]
Web security company ImmuniWeb this week announced a free tool that allows businesses and government organizations to check their dark web exposure. [Read More]
Several Microsoft Office vulnerabilities that were patched years ago continue to be among the security flaws most exploited in attacks, the U.S. government warns. [Read More]

FEATURES, INSIGHTS // Risk Management

rss icon

Craig Harber's picture
As long as organizations continue to employ simplistic “set it and forget it” security approaches, they will be forced into playing reactive, catch-up defense against cyber attackers.
Fred Kneip's picture
Employing a third party adds risk, especially if that company is given some level of access to network and computing resources, or is asked to handle and protect critical or proprietary information.
Marc Solomon's picture
National Cybersecurity Awareness Month (NCSAM) is a great vehicle to raise awareness for cybersecurity and to remind every organization that the ability to improve security operations begins with contextual awareness.
Josh Lefkowitz's picture
Here’s a crash-course on the intelligence cycle and how you can apply and derive value from its core principles—no matter your role or security discipline:
Torsten George's picture
Until government agencies start implementing identity-centric security measures, account compromise attacks will continue to provide a perfect cover for data breaches.
Jim Gordon's picture
Intel's Jim Gordon presents critical top 10 tactical action items every SMB should take to protect itself.
Gunter Ollmann's picture
Any bug hunter, security analyst, software vendor, or device manufacturer should not rely on CVSS as the pointy end of the stick for prioritizing remediation.
Torsten George's picture
A gradual improvement in cyber hygiene can go a long way toward keeping an organization immune from security infections and minimizing the risk of falling victim to a cyber-attack.
Ashley Arbuckle's picture
The convergence of security products and services is a welcomed development and will lead to improved security.
Ellison Anne Williams's picture
While threats facing private industry and government may once have looked distinctly different, the line separating attackers pursuing these two arenas is now so blurred that it’s often hard to distinguish one from another.