Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

Kaspersky files new lawsuit over the U.S. government’s software ban, this time challenging the National Defense Authorization Act (NDAA) [Read More]
Pepperl+Fuchs HMIs are vulnerable to Meltdown and Spectre attacks, but exploitation should not be easy if organizations follow security best practices [Read More]
Schneider Electric patches vulnerabilities in IGSS automation system, including in SCADA software and mobile applications [Read More]
Mozilla announces intention to restrict the AppCache mechanism to secure connections in Firefox and other major web browser vendors plan on doing the same [Read More]
Two more misconfigured databases exposing the personal details of thousands of people were disclosed late last week [Read More]
Senator who conducted 4-month investigation into Equifax breach wants answers after credit agency admits that hackers accessed types of data not mentioned in initial disclosure [Read More]
Cisco is aware of attacks exploiting CVE-2018-0101, a critical remote code execution and DoS vulnerability affecting the company’s firewalls [Read More]
Gas stations exposed to remote hacker attacks due to several vulnerabilities found in a widely used automation system [Read More]
Malware and phishing attacks growingly abuse SSL to increase their chances of success, Zscaler said in its latest report [Read More]
Cisco, Apple, Aon and Allianz announced a new cyber risk management solution designed to help businesses reduce cyber risk associated with common malware-related threats. [Read More]

FEATURES, INSIGHTS // Risk Management

rss icon

Justin Fier's picture
The insider threat is under-scrutinized by the security community, leaving networks vulnerable to compromise by their own employees, especially those with privileged access.
Josh Lefkowitz's picture
Real-time intelligence is exceedingly difficult to attain. Many current offerings are limited in how they can address the broad spectrum of threats and adversaries that exist today.
Steven Grossman's picture
How can a company protect its information and operations without running askew of data privacy laws and the concerns of its customers?
Preston Hogue's picture
No company has the ability to mitigate all risks at all times. No company I’ve ever visited has even had all of its identified risks treated at any given point.
Alastair Paterson's picture
Like a coach, you need to be able to see the big picture with an approach that monitors the entire Internet for risks to your business.
Torsten George's picture
By supplementing traditional perimeter defense mechanisms with data integrity, identity management, and risk-based prioritization principals, organizations can significantly reduce their exposure
Alastair Paterson's picture
Remember that cybercriminals will shift targets and evolve their tactics, techniques and procedures (TTPs) throughout the year.
Steven Grossman's picture
President Ronald Reagan taught us to “trust but verify,” meaning trust is great, but blind trust is dangerous.
Josh Lefkowitz's picture
These tips and best practices will provide insight into some of the key components and processes of a successful usiness Risk Intelligence (BRI) program.
Torsten George's picture
We need to consider whether traditional approaches to vulnerability management are still viable and if just upgrading existing methods or tools is sufficient.