Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

Following a major software supply chain compromise that exposed data for several major companies, CodeCov plans to kill off the Bash Uploader tool that was responsible for the breach. [Read More]
Security researchers at Group-IB believe that Chinese nation-state threat actor APT41 performed the cyberattack against aviation IT firm SITA [Read More]
After a major restructuring earlier this year, Akamai hands security leadership reins to 15-year cybersecurity veteran Dr Boaz Gelbord. [Read More]
Recorded Future launches an in-house initiative that sets aside $20 million to invest in seed-stage and Series A startups in the nascent threat-intelligence space. [Read More]
CrowdStrike warns that SonicWall patches released in 2019 do not properly address a vulnerability in the company’s Secure Remote Access (SRA) devices. [Read More]
The White House dropped Trump-era executive orders intended to ban the popular apps TikTok and WeChat and will conduct its own review aimed at identifying national security risks with software applications tied to China. [Read More]
Microsoft warns that attackers are simultaneously deploying TensorFlow pods on multiple Kubernetes clusters to mine cryptocurrency. [Read More]
The new Amazon Sidewalk mesh network links tens of millions of Amazon smart devices, each sharing a tiny sliver of their bandwidth to provide a wide network of connectivity even when and where WiFi service is poor or unavailable. What are the privacy and security implications? [Read More]
SAP releases patches for a total of 11 security flaws in NetWeaver, five of which are rated high-severity. [Read More]
Adobe's June batch of security patches address a swathe of potentially dangerous vulnerabilities in Adobe Acrobat and Reader, Adobe Photoshop, and the ever-present Adobe Creative Cloud Desktop Application. [Read More]

FEATURES, INSIGHTS // Data Protection

rss icon

William Lin's picture
Data security is a tough topic to summarize and I’d argue it may be the most misunderstood category in security right now.
Gunter Ollmann's picture
CISOs and their security teams need to quickly master these technologies if they’re to successfully partner with in-house development teams and secure “data-in-use.”
Gunter Ollmann's picture
It is reasonable to assume that within five years the term “confidential compute” will become superfluous and an assumed native component of all cloud services.
Alastair Paterson's picture
Opportunities for accidental exposure of sensitive information are often compounded by multiple stakeholders using collaborative tools without the proper policies, oversight and security training.
Laurence Pitt's picture
For an MSP looking to grow business, the convergence of SD-WAN and security, along with the transitional needs of customers, translates to opportunity.
Jim Gordon's picture
Individuals and security professionals should have a 360 mindset and know the actions needed to take in the pursuit of data protection and the preservation of privacy.
Alastair Paterson's picture
If it takes a whole village to raise a child, it takes a whole community of vendors and business partners to build a secure data environment.
Ellison Anne Williams's picture
Data in Use has become a point of least resistance for an attacker. There is a major industry need to recognize this lapse and close the gap in data security by protecting data while it is being used.
Gunter Ollmann's picture
DLP has always been tricky to deploy and enforce, and most CISOs can freely regale stories of DLP promises and their subsequent failures.
Ellison Anne Williams's picture
Data protection schemes must recognize and secure data as it exists at all points in the processing lifecycle, whether at rest, in transit, or in use.