NEWS & INDUSTRY UPDATES

China's telecoms giant Huawei remains barred from the development of 5G wireless networks in the United States.
Americans are keen on security, but do not necessarily understand it. This is the conclusion of a new survey of 1,300 Americans undertaken by YouGov, which basically suggests that attitudes towards cybersecurity exceed actions taken to ensure cybersecurity.
A researcher warned in February that over 1,200 Phoenix Contact PLCs that should normally be used only in closed networks were exposed to attacks from the internet. There are currently still roughly 1,000 vulnerable devices.
Mozilla says the upcoming Firefox 68 will address TLS errors caused by antiviruses with a new mechanism that automatically changes the configuration of the browser when a MitM error is detected.
The US trade war truce with China which could ease sanctions on Huawei has prompted a backlash from lawmakers over national security concerns amid confusion over how the deal may impact the Chinese tech giant.
Poisoned certificates are in the OpenPGP SKS keyserver network after an unknown threat actor targeted the OpenPGP certificates of two high-profile community contributors.
As the United States and China pursue trade talks, there is a "good chance" that more US firms will be granted licenses to sell products to controversial Chinese telecoms giant Huawei, White House economic advisor Larry Kudlow said.
President Donald Trump said on Saturday that US companies could sell equipment to Chinese telecom giant Huawei, indicating a potentially softer position on a key sticking point in the US-China trade war.
The government of Singapore announces its third bug bounty program via HackerOne after the first two were considered a success.
Medtronic, DHS and FDA warn that some Medtronic insulin pumps are vulnerable to hacker attacks that can have serious consequences for their thousands of users.

FEATURES, INSIGHTS // Risk Management

Mike Fleck
A small business with one running all of IT cannot defend against cyber-attacks from the North Korean military with the same vigor as Lockheed Martin or Northrop Grumman.
Torsten George
Like the NIST Cybersecurity Framework, it integrates relevant regulations (e.g., HIPAA) and standards (NIST 800-53, ISO 27001, PCI DSS) into a single overarching security framework.
Josh Lefkowitz
There’s no point in having billions of data points if those data points aren’t timely, accurate, actionable, and adequately map to your intelligence objectives and requirements.
Nick Sanna
Board members and senior management are likely to wave off CISO techno-speak and push to get their questions answered on their terms.
Justin Fier
Over time, holding people responsible will lead individuals to see how their actions impact the security of the organization and come to consider themselves responsible for the security of the company.
Josh Lefkowitz
It is important to understand how the right intelligence can support network defense teams, fraud, physical security, M&A, insider threat, supply chain, and brand reputation teams, among others.
Alastair Paterson
Although the challenge may seem insurmountable, there’s a lot that security professionals can do to mitigate insider risk.
Nick Sanna
Cyber risk has risen to the level of enterprise risk – which they expect to be measured, managed, and reported in the terms that the rest of the enterprise understands.
Marie Hattar
Cybersecurity teams need to adopt an adversarial mindset and understand what their enemies are capable of and prepare an appropriate response.
Torsten George
Solving the security challenges healthcare providers face will fuel faster growth, enable further digital transformation, and ultimately result in enhanced patient care and data protection.