Security Experts:
LATEST SECURITY NEWS HEADLINES
NEWS & INDUSTRY UPDATES
Industrial control systems (ICS) are vulnerable to power analysis side-channel attacks, researcher warns [Read More]
More than a quarter of the malware delivered via USB devices to industrial facilities can cause major disruptions to ICS, says Honeywell [Read More]
Google announces reCAPTCHA v3, which aims to improve user experience by eliminating challenges [Read More]
Department of Defense announces new Hack the Pentagon bug bounty program that allows it to run year-long assessments for high-value systems [Read More]
New report from CyberX shows that plaintext passwords, direct connections to the Internet, the lack of automated updates for antiviruses, and outdated operating systems often put industrial systems at risk of attacks [Read More]
Cisco and F5 Networks are investigating the possible impact of the recently patched libssh vulnerability on their products, while other vendors have concluded similar investigations [Read More]
Cyberbit launches SCADAScan, a portable solution for assessing the security of ICS/SCADA networks [Read More]
Many servers may be exposed to attacks due to an authentication bypass vulnerability affecting the libssh SSH library [Read More]
Mozilla commissioned a security audit of the Firefox update system. No critical vulnerabilities were found and the high severity flaws were not easy to exploit [Read More]
Siemens informed customers that many of its products are affected by the recently disclosed Foreshadow/L1TF vulnerabilities in Intel processors [Read More]
- 1 of 66
- ››
FEATURES, INSIGHTS // Risk Management
A small business with one running all of IT, cannot defend against cyber-attacks from the North Korean military with the same vigor as Lockheed Martin or Northrup Grumman.
Like the NIST Cybersecurity Framework, it integrates relevant regulations (e.g., HIPAA) and standards (NIST 800-53, ISO 27001, PCI DSS) into a single overarching security framework.
There’s no point in having billions of data points if those data points aren’t timely, accurate, actionable, and adequately map to your intelligence objectives and requirements.
Board members and senior management are likely to wave off CISO techno-speak and push to get their questions answered on their terms.
Over time, holding people responsible will lead individuals to see how their actions impact the security of the organization and come to consider themselves responsible for the security of the company.
It is important to understand how the right intelligence can support network defense teams, fraud, physical security, M&A, insider threat, supply chain, and brand reputation teams, among others.
Although the challenge may seem insurmountable, there’s a lot that security professionals can do to mitigate insider risk.
Cyber risk has risen to the level of enterprise risk – which they expect to be measured, managed, and reported in the terms that the rest of the enterprise understands.
Cybersecurity teams need to adopt an adversarial mindset and understand what their enemies are capable of and prepare an appropriate response.
Solving the security challenges healthcare providers face will fuel faster growth, enable further digital transformation, and ultimately result in enhanced patient care and data protection.
- 1 of 29
- ››
SecurityWeek Daily Briefing
- New Vehicle Hack Exposes Users’ Private Data Via Bluetooth
- Instagram Download Tool Exposes User Passwords
- Microsoft Enhances Windows Defender ATP
- Small Businesses, Big Breaches
- Iran-Linked Hackers Use Just-in-Time Creation of Weaponized Attack Docs
- Singapore Signs Cybersecurity Agreements With US, Canada
- Hackers Earn $1 Million for Zero-Day Exploits at Chinese Competition
- Suspected Russian Hackers Impersonate State Department Aide
- Smartphones: A Double-edged Sword for Terrorists
- Does Not Compute: Japan Cyber Security Minister Admits Shunning PCs
Copyright © 2018 Wired Business Media. All Rights Reserved. Privacy Policy