Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

A survey of over 1,700 individuals in the utilities sector shows that 56% have reported at least one shutdown or operational data loss, and 54% expect an attack on critical infrastructure in the next year. [Read More]
APT actors have been exploiting recently disclosed vulnerabilities affecting enterprise VPN products from Fortinet, Pulse Secure and Palo Alto Networks, UK’s NCSC warns. [Read More]
A researcher has developed and open source intelligence (OSINT) to show how easy it is for adversaries to gather intelligence on critical infrastructure in the United States. [Read More]
Google is adding its Password Checkup tool to the Account password manager and Chrome, and it has unveiled some new privacy features for YouTube, Maps and Assistant. [Read More]
US Secretary of State Mike Pompeo warned Italy Wednesday of China's "predatory approach" to trade and investment, but Rome insisted its special powers over 5G supply deals would protect it. [Read More]
The Marsh/Microsoft 2019 Global Risk Perception Survey shows that organizations prefer a quick technological fix over building cyber resilience throughout the organization. [Read More]
Unprotected Cisco WebEx and Zoom meetings can be easily accessed by malicious actors due to an API enumeration vulnerability dubbed Prying-Eye. [Read More]
The Senate has passed the DHS Cyber Hunt and Incident Response Teams Act, which should help organizations prevent cyberattacks and respond to incidents. [Read More]
Vulnerability management solutions provider Kenna Security raises $48 million in a Series D funding round, which brings the total raised by the company to nearly $100 million. [Read More]
Threat intelligence firm Anomali unveils Lens, a new tool that makes it easy for organizations to find and use threat data from news articles, blogs, security bulletins, logs and social networks. [Read More]

FEATURES, INSIGHTS // Risk Management

rss icon

Marc Solomon's picture
National Cybersecurity Awareness Month (NCSAM) is a great vehicle to raise awareness for cybersecurity and to remind every organization that the ability to improve security operations begins with contextual awareness.
Josh Lefkowitz's picture
Here’s a crash-course on the intelligence cycle and how you can apply and derive value from its core principles—no matter your role or security discipline:
Torsten George's picture
Until government agencies start implementing identity-centric security measures, account compromise attacks will continue to provide a perfect cover for data breaches.
Jim Gordon's picture
Intel's Jim Gordon presents critical top 10 tactical action items every SMB should take to protect itself.
Gunter Ollmann's picture
Any bug hunter, security analyst, software vendor, or device manufacturer should not rely on CVSS as the pointy end of the stick for prioritizing remediation.
Torsten George's picture
A gradual improvement in cyber hygiene can go a long way toward keeping an organization immune from security infections and minimizing the risk of falling victim to a cyber-attack.
Ashley Arbuckle's picture
The convergence of security products and services is a welcomed development and will lead to improved security.
Ellison Anne Williams's picture
While threats facing private industry and government may once have looked distinctly different, the line separating attackers pursuing these two arenas is now so blurred that it’s often hard to distinguish one from another.
Gunter Ollmann's picture
CISOs should invest time in applying the resources of public cloud to bring automation, scalability, and AI to solving the given problem as a platform for all customers – past, present, and future.
Justin Fier's picture
As innovative attacks continue to expand the purview of cyber security, helping CISOs means equipping them with equally innovative tools that stand a fighting chance.