The Council of the European Union has adopted a new cybersecurity strategy aimed at protecting EU citizens and businesses from cyberthreats by promoting best practices, such as strong encryption and threat information sharing.
A lack of centralized leadership, especially at the White House level, is hindering the federal government's ability to address numerous cybersecurity issues, including the SolarWinds supply chain attack that affected federal agencies and others, according to a new GAO report.
Organizations are using DevOps and Agile practices, coding in containers
and microservices, and adopting Kubernetes at a record pace to help
manage all these components. Even five years ago, the level of agility,
speed, and flexibility the cloud-native stack enables was but a dream.
Since Google first introduced...
CISA is warning that local K-12 school districts are increasingly under assault by cyberthreats targeting vulnerable networks that are disrupting physical and virtual education throughout the U.S. The top security problems include ransomware, Trojans and other malware as well as DDoS attacks.
Information Security Media Group's members-only CyberEdBoard CISO community has opened its doors, giving senior cybersecurity practitioners a private ecosystem to exchange intelligence, gain access to critical resources and enhance personal career capabilities in collaboration with peers around the world.
Cyberattacks have become a
common hazard for individuals and businesses. The World Economic Forum Global Risks
Report 2020 ranks them as the seventh most likely and eighth most impactful risk, and the
second most concerning risk for doing business globally over the next 10 years.
The need for strong...
Veracode recently released its first State of Software Security: Open Source edition report to analyse data on open source libraries that could expose companies to data breach risk. We found that 71% of all applications contain flawed open source libraries, and that the majority of those flaws come from downstream...
The number of cybersecurity incidents reported to the U.K.'s data privacy watchdog has continued to decline, recently plummeting by nearly 40%. But is the quantity of data breaches going down, or might organizations be failing to spot them or potentially even covering them up?
While nearly three-quarters of cybersecurity professionals would grade their organization's
ability to identify and mitigate a cyberattack, as above average or superior, nearly half have
been subject to a spear-phishing attack and a third have suffered a malware incident in the
last year. Further, over half of...
With the growth of the microservice architecture, a new space of containerized application orchestration frameworks has evolved, and Kubernetes (an open-source platform for managing containerized workloads and services and facilitates automating application deployment, scaling and management) is one of its largest...
Most cybersecurity tools are designed to help identify and alert on a particular type of malicious activity. But usually the burden lies with the organization to figure out whether the alert is meaningful in a broader context. Splunk can help centralize analysis and visibility across a multi-layered security...
Investing in a Security Orchestration, Automation and Response (SOAR) platform is a wise and highly strategic decision. After all, choosing the platform to build your security operations center on is arguably more important than choosing any point security product. But do you know what criteria you should consider...
Ask a group of security analysts about the challenges of working in cybersecurity, and you'll likely hear some common themes, like a high volume of security alerts, too many security point-products to manage, and a shortage of skilled cybersecurity talent.
Many teams have turned to security orchestration,...
U.S. prosecutors this week unsealed an indictment against the alleged hacker "Fxmsp" after his identity was revealed in a cybersecurity firm's report. That sequence of events has raised questions about information sharing and highlighted law enforcement's reliance on private cybersecurity researchers.