Management & Strategy
Starting with its next stable release, Tor (The Onion Router) browser will reject End-Of-Life relays by default, the Tor Project has announced.
A survey of over 1,700 individuals in the utilities sector shows that 56% have reported at least one shutdown or operational data loss, and 54% expect an attack on critical infrastructure in the next year.
A group of cybersecurity companies has launched the Open Cybersecurity Alliance (OCA), a joint effort focused on the development of open source security technologies.
APT actors have been exploiting recently disclosed vulnerabilities affecting enterprise VPN products from Fortinet, Pulse Secure and Palo Alto Networks, UK’s NCSC warns.
Turkey’s data protection authority says it has imposed a 1.6 million Turkish lira ($280,000) fine on Facebook for contravening the country’s data laws.
Officials are calling on Facebook not to use encryption in its messaging services that does not provide authorities a way to see what is being sent.
A researcher has developed an open source intelligence (OSINT) tool to show how easy it is for adversaries to gather intelligence on critical infrastructure in the United States.
Alabama's DCH Health System temporarily quit accepting new patients in its hospitals after a ransomware attack crippled some of its computer systems.
Customer support company Zendesk discloses a 2016 data breach that appears to have impacted 10,000 accounts.
Google is adding its Password Checkup tool to the Account password manager and Chrome, and it has unveiled some new privacy features for YouTube, Maps and Assistant.

FEATURES, INSIGHTS // Management & Strategy

Joshua Goldfarb's picture
The Segway can offer us more security insight than we might initially realize. It is in this spirit that I offer five ways in which a Segway can instruct us as to how to improve our security programs and security postures.
Josh Lefkowitz's picture
No organization is fully immune to ransomware attacks, which is why having a comprehensive and well-tested incident response (IR) plan can make all the difference.
Stan Engelbrecht's picture
What does the cyber kill chain have to do with Sherlock Holmes, and this quote in particular?
Ashley Arbuckle's picture
While we can’t turn our attention away from gathering data, we must devise new ways to deal with the onslaught of data. Humans simply can’t keep up, and the problem is getting worse.
Marc Solomon's picture
The security market has become confusing and it is not about the product or technology to be used; it is about solving a specific problem.
Josh Lefkowitz's picture
Many businesses either don’t have a risk appetite statement, or they have one that was developed without input and guidance on cyber risk from the CISO.
Torsten George's picture
A gradual improvement in cyber hygiene can go a long way toward keeping an organization immune from security infections and minimizing the risk of falling victim to a cyber-attack.
Laurence Pitt's picture
Creating and maintaining a successful security strategy is not a simple task, but with the right sponsorship and external resources, it does not have to be a negative experience.
Joshua Goldfarb's picture
Josh Goldfarb discusses some of the connections between the information security profession and the magical days of summer vacation.
Marc Solomon's picture
Security teams have more internal system data than they know what to do with from sources including the SIEM system, log management repository, case management systems and security infrastructure. Security analysts struggle to make sense of too much data.