Security Experts:

Security Infrastructure
long dotted

NEWS & INDUSTRY UPDATES

WhatsApp on Tuesday reassured users about privacy at the Facebook-owned messaging service as people flocked to rivals Telegram and Signal following a tweak to its terms. [Read More]
Mimecast learned from Microsoft that one of its certificates was compromised by sophisticated threat actors, but the email security firm says impact is limited. [Read More]
A watchdog agency for the U.S. Census Bureau says that proper information-technology security safeguards weren’t in place leading up to the start of the 2020 census. [Read More]
German software maker SAP has published 10 bulletins with fixes for a range of serious security vulnerabilities. [Read More]
Microsoft's first batch of patches for 2021 includes a fix for a critical Microsoft Defender vulnerability that's been actively exploited. [Read More]
Shared Responsibility Matrices define the security and privacy responsibilities of cloud providers and their customers. [Read More]
The Microsoft Defender for Endpoint on Linux hits GA milestone and now provides endpoint detection and response (EDR) capabilities to all users. [Read More]
The U.S. chipmaker is adding hardware to the arsenal of tools available to defend against destructive and costly ransomware attacks. [Read More]
Ubiquity says no databases containing user data appear to have been accessed as a result of the data breach. [Read More]
User credentials, personally identifiable information, and other types of data belonging to United Nations Environment Programme employees exposed. [Read More]

FEATURES, INSIGHTS // Security Infrastructure

rss icon

Torsten George's picture
Today’s dynamic threatscape requires security professionals to adjust to an ever-expanding attack surface.
Galina Antova's picture
The COVID-19 crisis and its associated constraints has shown us that many of the activities we considered “priorities” before March are not really priorities.
Gunter Ollmann's picture
The phrase “assume breach” has been transformational to enterprise security investment and defensive strategy for a few years but may now be close to retirement.
Justin Fier's picture
Businesses should be emphasizing visibility, early threat detection, and focusing on understanding ‘normal’ activity rather than ‘bad.’
Torsten George's picture
The tactics, techniques, and procedures (TTPs) used in the Twitter attack were not much different than in the majority of other data breaches and serve as valuable lessons for designing a modern cyber defense strategy.
Alastair Paterson's picture
Opportunities for accidental exposure of sensitive information are often compounded by multiple stakeholders using collaborative tools without the proper policies, oversight and security training.
Laurence Pitt's picture
To minimize the effect of an attack, an automated response is vital, which can reduce the amount of time between infection and resolution.
John Maddison's picture
By combining verifiable trust, intent-based segmentation, and integrated security, organizations can establish a trustworthy, security-driven networking strategy.
Jim Ducharme's picture
Let’s look at some real-world examples of the identity management challenges remote work is creating, and at what it means to rethink identity governance and lifecycle to meet those challenges.
Laurence Pitt's picture
Developing an ROI model takes time – my recommendation would be to focus on a simple security project that will return high value to the business when proven successful.