Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

Local credit union, Bessemer System Federal Credit Union (BSFCU), sued Fortune 500 tech giant Fiserv over ‘amateurish security lapses’ in 2019. Fiserv counterclaimed with a motion to dismiss, and Bessemer motioned to dismiss the counterclaim. [Read More]
The patch comes exactly one week after the Redmond, Wash. software giant acknowledged the CVE-2021-40444 security defect and confirmed the existence of in-the-wild exploitation via booby-trapped Microsoft Office documents. [Read More]
Cybersecurity ratings company BitSight received a $250 million investment from Moody’s, valuing the firm at $2.4 billion. [Read More]
Tenable makes its priciest acquisition to date and expands its product portfolio with capabilities to detect security problems in code before they become operational security risks. [Read More]
New research from HP Wolf Security indicates that implementing certain security solutions may suffer from the resurgence of an old problem: user resistance. [Read More]
Cisco warns that these vulnerabilities could be exploited by attackers to reboot devices, elevate privileges, or overwrite and read arbitrary files. [Read More]
The U.S. government's CISA and OMB are seeking the public’s opinion on draft zero trust strategic and technical documentation. [Read More]
Howard University closed its physical campus and canceled classes this week after experiencing a ransomware attack. [Read More]
The Android Security Bulletin for September 2021 includes patches for a total of 40 vulnerabilities, including seven that are rated critical. [Read More]
The agency's guidance is aimed at three main decision-maker groups and should help reduce overall risks associated with Managed Service Providers (MSPs). [Read More]

FEATURES, INSIGHTS // Risk Management

rss icon

Keith Ibarguen's picture
Far too many engineers in the trenches don’t take the time to lift their heads to see context, so when good (and bad) things happen, this is a great management opportunity that you should take full advantage of.
Landon Winkelvoss's picture
Security and intelligence teams often lack finished intelligence, which leaves them ill-equipped to combat motivated and sophisticated adversaries.
William Lin's picture
After every company goes through digital transformation, their threat model will change in response.
Derek Manky's picture
As we see an increasing number of recent attacks against critical infrastructure – cybersecurity and physical security can be intrinsically linked.
Rob Fry's picture
We are a community with grand ideas around the concept of crowdsourced threat intel (CTI), but with little history or previous successes that show CTI as a viable idea.
Landon Winkelvoss's picture
Executive protection teams face threats from many sources including social media, telephone, email, and event in-person physical threats.
Landon Winkelvoss's picture
Ineffective security approaches when integrating two separate organizations can lead to significant issues that could undercut the business value of a merger or acquisition.
Landon Winkelvoss's picture
While cyber due diligence has yet to become commonplace in M&A transactions, the consequences of failing to identify risks and active campaigns can have costly implications.
Gunter Ollmann's picture
In the merry-go-round world of InfoSec technologies and “what’s old is new again,” this year we should include Attack Surface Management with a dash of Continuous.
Laurence Pitt's picture
School network administrators should be taking precautions to prepare for the new challenges of the upcoming academic year.