Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

The Forum of Incident Response and Security Teams (FIRST) announces CVSS v3.1, which aims to simplify and improve upon CVSS v3.0. [Read More]
Google contractors regularly listen to and review some recordings of what people say to artificial-intelligence system Google Assistant, via their phone or through smart speakers such as the Google Home. [Read More]
U.S. Coast Guard recently warned commercial vessel owners and operators of malware and phishing attacks and potential vulnerabilities in shipboard systems. [Read More]
D-Link agrees to implement a comprehensive security program to settle FTC charges claiming that the company failed to secure its cameras and routers. [Read More]
USCYBERCOM warns that malicious actors are still using CVE-2017-11774, a Microsoft Outlook vulnerability known to have been exploited by Iranian groups. [Read More]
China's telecoms giant Huawei remains barred from the development of 5G wireless networks in the United States. [Read More]
Americans are keen on security, but do not necessarily understand it. This is the conclusion of a new survey of 1,300 Americans undertaken by YouGov, which basically suggests that attitudes towards cybersecurity exceed actions taken to ensure cybersecurity. [Read More]
A researcher warned in February that over 1,200 Phoenix Contact PLCs that should normally be used only in closed networks were exposed to attacks from the internet. There are currently still roughly 1,000 vulnerable devices. [Read More]
Mozilla says the upcoming Firefox 68 will address TLS errors caused by antiviruses with a new mechanism that automatically changes the configuration of the browser when a MitM error is detected. [Read More]
The US trade war truce with China which could ease sanctions on Huawei has prompted a backlash from lawmakers over national security concerns amid confusion over how the deal may impact the Chinese tech giant. [Read More]

FEATURES, INSIGHTS // Risk Management

rss icon

Alastair Paterson's picture
Organizations’ perimeters will continue to erode as their digital footprints expand, but with the right risk protection strategy any organization can succeed in the age of digital transformation.
Grady Summers's picture
Companies in China are facing many of the same threats that your organization faces today, but they are addressing these threats at a massive scale, on emerging platforms, and with innovative approaches that we can learn from.
Marc Solomon's picture
The ability to customize threat intelligence scores allows you to prioritize threats to your organization and reevaluate and reprioritize as new data and context becomes available.
Joshua Goldfarb's picture
In some instances, it is precisely because we are so familiar and comfortable with something that makes us incapable of seeing that there is a better way.
Josh Lefkowitz's picture
A business risk intelligence (BRI) program needs to understand and account for the different categories of risk faced by all business functions across an enterprise.
Alastair Paterson's picture
Organizations that continuously monitor their digital footprint and understand their online exposure will be the most effective at mitigating digital risk in the new year.
Lance Cottrell's picture
We spend a lot of time thinking about and trying to mitigate threats that are so extreme you are basically already doomed if they are ever used against you.
Laurence Pitt's picture
Failure to implement basic cybersecurity hygiene practices will leave retailers vulnerable to damage and fines during a lucrative time for their businesses.
Alastair Paterson's picture
As you develop a brand protection program, here are five concrete things you can do now to proactively identify and mitigate risk to your brand.
Josh Lefkowitz's picture
It’s relatively commonplace for CTI and incident response teams to establish a coordinated response plan in preparation for a cyber attack, but—as demonstrated by WannaCry—it’s imperative for physical security teams to be involved in such plans as well.