Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

PowerHammer attack allows hackers to stealthily exfiltrate data from air-gapped computers using power lines [Read More]
Mark Zuckerberg will appear before US lawmakers as a firestorm rocks Facebook over its data privacy scandal, with pressure mounting for new regulations on social media platforms. [Read More]
Best Buy customers may have had their payment card data stolen as a result of the breach suffered by online services provider [24]7.ai. [Read More]
Some 1.5 billion sensitive online files, from pay stubs to medical scans to patent applications, are visible on the open internet, cybersecurity firm Digital Shadows said. [Read More]
AWS launches new tools designed to help users manage firewalls, provision private certificates, and safely store and distribute credentials and other secrets [Read More]
The Varonis 2018 Global Data Risk Report contains the findings of 130 corporate risk analyses conducted during 2017, which examined more than 6 billion individual files from 30 different industries across more than 50 countries. [Read More]
The question is whether Facebook and/or CA would have been in breach of GDPR were it already operational, and therefore whether GDPR will prevent any future repetitions of this sort. [Read More]
Microsoft releases out-of-band update for Windows 7 and Windows Server 2008 to address a serious vulnerability introduced by Meltdown patches [Read More]
Cisco researchers discovered several vulnerabilities in Rockwell Automation’s Allen-Bradley MicroLogix 1400 controllers. Exploitation could result in significant damage [Read More]
The Meltdown patches released by Microsoft in January and February for Windows 7 and Windows Server 2008 introduced an even bigger vulnerability, researcher warns [Read More]

FEATURES, INSIGHTS // Data Protection

rss icon

Steven Grossman's picture
Organizations are increasingly combining UEBA technology with other data sources and analytics methods to overcome cyber risk challenges on a broader scale.
Alastair Paterson's picture
By using best practices to protect credentials, while at the same time monitoring for leaked credentials and changes in the tools attackers use, you can mitigate the risk of account takeovers to your organization.
Erin O’Malley's picture
The CIA conducts extensive background investigations and requires polygraph examinations to gain a security clearance, yet a malicious insider apparently made off with a trove of secret CIA hacking tools.
Ashley Arbuckle's picture
The healthcare industry has a lot to gain by digital transformation. However it also has a lot to lose if it doesn’t start with security as a foundation.
Travis Greene's picture
Whether US government officials improve their handling of classified information in the new administration or not, industry can certainty learn from the blunders and reduce risks.
Eddie Garcia's picture
To reduce the chances of falling victim to an insider-driven breach, security and risk professionals should start by learning what their available data can tell them.
Aditya Sood's picture
The cloud is here to stay, and so long as employees use cloud apps from within an organization’s firewall, we’ll always have to wrangle with Shadow IT, Shadow Data and the attendant problems and risks.
Steven Grossman's picture
Beginning November 30, 2016, DoD third party contractors will be required to establish and maintain an insider threat program.
Eddie Garcia's picture
This article explains how to encrypt data in a Hadoop cluster. The tools are available, and if you are brave enough, you could attempt this at home.
Eddie Garcia's picture
A common misconception about native HDFS encryption is the belief that the data is encrypted when written to disk on the data nodes like most disk encryption solutions.