NEWS & INDUSTRY UPDATES

Industrial control systems (ICS) are vulnerable to power analysis side-channel attacks, researcher warns
More than a quarter of the malware delivered via USB devices to industrial facilities can cause major disruptions to ICS, says Honeywell
Google announces reCAPTCHA v3, which aims to improve user experience by eliminating challenges
Department of Defense announces new Hack the Pentagon bug bounty program that allows it to run year-long assessments for high-value systems
New report from CyberX shows that plaintext passwords, direct connections to the Internet, the lack of automated updates for antiviruses, and outdated operating systems often put industrial systems at risk of attacks
Cisco and F5 Networks are investigating the possible impact of the recently patched libssh vulnerability on their products, while other vendors have concluded similar investigations
Cyberbit launches SCADAScan, a portable solution for assessing the security of ICS/SCADA networks
Many servers may be exposed to attacks due to an authentication bypass vulnerability affecting the libssh SSH library
Mozilla commissioned a security audit of the Firefox update system. No critical vulnerabilities were found and the high severity flaws were not easy to exploit
Siemens informed customers that many of its products are affected by the recently disclosed Foreshadow/L1TF vulnerabilities in Intel processors

FEATURES, INSIGHTS // Risk Management

Mike Fleck: A small business with one running all of IT cannot defend against cyber-attacks from the North Korean military with the same vigor as Lockheed Martin or Northrop Grumman.
Torsten George: Like the NIST Cybersecurity Framework, it integrates relevant regulations (e.g., HIPAA) and standards (NIST 800-53, ISO 27001, PCI DSS) into a single overarching security framework.
Josh Lefkowitz: There’s no point in having billions of data points if those data points aren’t timely, accurate, actionable, and adequately map to your intelligence objectives and requirements.
Nick Sanna: Board members and senior management are likely to wave off CISO techno-speak and push to get their questions answered on their terms.
Justin Fier: Over time, holding people responsible will lead individuals to see how their actions impact the security of the organization and come to consider themselves responsible for the security of the company.
Josh Lefkowitz: It is important to understand how the right intelligence can support network defense teams, fraud, physical security, M&A, insider threat, supply chain, and brand reputation teams, among others.
Alastair Paterson: Although the challenge may seem insurmountable, there’s a lot that security professionals can do to mitigate insider risk.
Nick Sanna: Cyber risk has risen to the level of enterprise risk – which they expect to be measured, managed, and reported in the terms that the rest of the enterprise understands.
Marie Hattar: Cybersecurity teams need to adopt an adversarial mindset and understand what their enemies are capable of and prepare an appropriate response.
Torsten George: Solving the security challenges healthcare providers face will fuel faster growth, enable further digital transformation, and ultimately result in enhanced patient care and data protection.