Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

DigiCert addresses the concerns raised by Mozilla and others regarding its acquisition of Symantec’s certificate business [Read More]
Security analytics firm Skybox raises $150 million to advance its cybersecurity management product [Read More]
Symantec announces new capabilities in Symantec Endpoint Protection (SEP) and claims it’s leapfrogging the competition [Read More]
Organizations are increasingly turning to machine learning for security solutions, according to a new study commissioned by Cylance [Read More]
Endgame used Mitre’s ATT&CK Matrix to evaluate its endpoint detection and response product by emulating an APT3 attack [Read More]
Google says roughly two-thirds of the websites loaded through Chrome use HTTPS by default [Read More]
U.S. Federal Energy Regulatory Commission (FERC) proposes new cyber security management controls to enhance power grid reliability and resilience [Read More]
DHS issues binding operational directive requiring all federal agencies to use HTTPS, DMARC and STARTTLS [Read More]
Utility executives worldwide are concerned that cyberattacks could disrupt their electric distribution grids in the next five years [Read More]
Oracle announces new cloud security services and improvements to existing products at company’s OpenWorld convention [Read More]

FEATURES, INSIGHTS // Security Architecture

rss icon

Joshua Goldfarb's picture
Tree rings occur when the growing season ends and growth stops. To avoid stagnation, a security organization must never stop growing.
Wade Williamson's picture
By building security controls that identify and correlate the malicious behaviors of an attack, we can begin to the tip the scales back in our favor.
Pat Calhoun's picture
While individual products and technologies are important weapons, they operate in a silo and lose sight of the bigger picture. The reality is that you can’t just rely on a single defense or a silver bullet.
Marcus Ranum's picture
When you start keeping a long-term data series, remember that you can't change your algorithm for interpreting it on a regular basis.
Joshua Goldfarb's picture
While intelligence is a critical component of a mature security program, it should not drive security. A risk-driven approach provides a much more comprehensive and scientific approach that allows organizations to keep pace with today’s sophisticated threats.
Nate Kube's picture
Nate introduces various perspectives on cybersecurity as a moniker, shares some illuminating data, and presents a vernacular to move our field forward.
Torsten George's picture
The NIST Cybersecurity Framework is an important building block, but still just the first step towards implementing operationalized defenses against cyber security risks.
Avi Chesla's picture
In order to be effective, security solutions must become more directly associated, in real-time, to cyber defense planning models.
Joshua Goldfarb's picture
Is budget a good metric for security? In other words, if an organization wishes to improve its security posture, is spending more money an appropriate response?
Rebecca Lawson's picture
There is a common misconception that in order to move to virtual security solutions, companies can, or should, replace physical security technologies they rely on to keep their networks safe today.