When visibility into systems is subpar, attackers gain an edge, says Michelle Cobb of Skybox Security, who offers insights on using the right technologies.
What endpoint security practices yield the best results? Richard Henderson of Absolute Software describes how to use effectively use appropriate technologies.
Can technology solve the problem of giving law enforcement access to all encrypted communications without additional risks to the public? Software legend Ray Ozzie says he has an idea. But it's unlikely to quell the debate over hard-to-break encryption.
Two recent security incidents involving ransomware attacks on vendors serve as the latest reminders of the risks business associates pose to healthcare organizations. What steps should entities take to mitigate those risks?
Police have taken down Webstresser, a leading stresser/booter service tied to 4 million on-demand DDoS attacks, which could be used for as little as $15 per month. Six of the site's administrators have been arrested, as have some of the site's top users, authorities say.
The likelihood of encountering a sophisticated cyberattack is much higher than ever before - especially with the leak of government-grade hack tools in the public domain, says Dan Larson of CrowdStrike, who discusses the latest threat research.
Too many organizations believe in the fallacy that firewalls are keeping the bad guys out, when in reality, bad actors likely are already within their environments, says Bill Mann at Centrify, who calls for a "zero trust" approach.
Plenty has been said about threats to internet of things devices - and rightfully so. But what about operational technology that often has been neglected by security controls? Mark Nunnikhoven of Trend Micro weighs in on OT risks.
Managing the key management lifecycle for multiple encryption capabilities across platforms and infrastructures is emerging as a challenge for enterprises, says Peter Galvin of Thales eSecurity.
Rather than focusing solely on preventing breaches, organizations must also embrace detection and response, says Tim Roddy of Fidelis Cybersecurity, who offers strategic insights.
Are you a fraudster craving an easy way to generate Microsoft Office documents with embedded malicious macros designed to serve as droppers that install banking Trojans onto a victim's PC? Say hello to a toolkit that debuted in February called Rubella Macro Builder.
Yahoo, now known as Altaba, has agreed to a $35 million civil fine with the U.S. Securities and Exchange Commission to settle accusations that the search giant failed to promptly notify investors about a December 2014 data breach.
Visibility in the cloud includes understanding all aspects of critical applications and comparing this data in real time with historical data, says Sharon Besser of GuardiCore. This enables implementation of an effective and efficient security policy, he says.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.