Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

New rules require critical information infrastructure operators in China to conduct cybersecurity reviews when purchasing tech products and services. [Read More]
Mozilla’s latest “*Privacy Not Included” report shows that twelve out of fifteen popular video call applications and platforms meet the organization’s minimum security standards. [Read More]
The FCC has yet to fully address cyber-security risks in its systems, a newly published report from the United States Government Accountability Office (GAO) reveals. [Read More]
Apple says it has found no evidence that the recently disclosed iOS Mail app vulnerabilities have been exploited in attacks as researchers have claimed. [Read More]
Patching vulnerable enterprise VPNs from Pulse Secure is not enough to keep out malicious actors who have already exploited a vulnerability, CISA warns. [Read More]
SafeBreach raised an additional $19 million to expand its breach-and-attack simulation platform, which allows customers to assess their security posture against a continuous barrage of genuine, but safe, hacker behaviors. [Read More]
The GAO has analyzed the Pentagon’s cyber hygiene initiatives and found that they are incomplete and in some cases no one is keeping track of their progress. [Read More]
The United States threatened Thursday to cut off Beijing-controlled China Telecom from serving the US market because of legal and security risks. [Read More]
NASA is seeing a significant increase in cyberattacks, including phishing and malware attacks, while its employees work remotely due to the coronavirus outbreak. [Read More]
Many companies are offering free cybersecurity tools and resources to help organizations during the COVID-19 coronavirus outbreak. [Read More]

FEATURES, INSIGHTS // Risk Management

rss icon

Gunter Ollmann's picture
CISOs should invest time in applying the resources of public cloud to bring automation, scalability, and AI to solving the given problem as a platform for all customers – past, present, and future.
Justin Fier's picture
As innovative attacks continue to expand the purview of cyber security, helping CISOs means equipping them with equally innovative tools that stand a fighting chance.
Josh Lefkowitz's picture
It can be difficult for teams to determine how to obtain and incorporate data from encrypted chat service platforms into their collection strategies in a meaningful way.
Alastair Paterson's picture
While no digital risk framework is perfect, the optimal level of maturity will look to continually identify gaps, update processes and tooling, and reflect organizational changes.
Josh Lefkowitz's picture
The best way for intelligence practitioners to identify what types of context their intelligence consumers truly need is simply to ask them.
Alastair Paterson's picture
By understanding where assets are exposed, their value to attackers, and how attackers target this data, organizations can make better decisions about their defenses and improve them over time.
Josh Lefkowitz's picture
Josh Lefkowitz shares—and debunks—some of the most persistent and misleading BRI fallacies he has heard over the years.
Alastair Paterson's picture
Organizations’ perimeters will continue to erode as their digital footprints expand, but with the right risk protection strategy any organization can succeed in the age of digital transformation.
Grady Summers's picture
Companies in China are facing many of the same threats that your organization faces today, but they are addressing these threats at a massive scale, on emerging platforms, and with innovative approaches that we can learn from.
Marc Solomon's picture
The ability to customize threat intelligence scores allows you to prioritize threats to your organization and reevaluate and reprioritize as new data and context becomes available.