If you know who's accessing your cloud, you can head off many problems before they turn into disasters. You should ensure easy access for your trusted users but make it hard for everyone else. The lock on the front door of your home is there for a reason: to let the good guys in, and keep the bad guys out. But you...
Threat intelligence helps organizations become more proactive in their cybersecurity efforts. But not all threat intelligence is created equal. Traditional threat intelligence is tactical in nature, helping defenders more quickly respond to existing threats in your network. But you need to go beyond this...
The past few years have seen a steady stream of data breaches and yet the state of cyber risk management overall remains largely inconsistent. This is a problem because data breaches often lead to expensive and long-lasting ramifications. These developments reinforce the notion, particularly for those that are not...
Ransomware attacks against hospitals are becoming commonplace this year, with at least five incidents revealed in recent weeks. What steps can organizations take to avoid falling victim to these attacks?
In many enterprises, the CISO reports to the CIO, and occasionally you find a CIO who reports to the CISO. But Venafi's Tammy Moskites holds both roles. How does she manage the natural tension between IT and security?
Being FISMA compliant is tough enough. Doing so in a hybrid cloud, especially when pressured to be FedRAMP certified and continuously monitor systems, adds to the challenge.
Download this whitepaper to explore:
The challenges of being compliant and secure in a hybrid environment;
Products and strategies to...
The PCI Security Standards Council envisions a single, globally-unified data security standard. Now that the European Card Payment Association is a strategic regional member, that goal is significantly closer, says Jeremy King, the council's international director.
Cambridge Savings Bank in Massachusetts is incorporating biometrics into its online and mobile banking platform as a way to limit, and in some cases remove, the need for username and password authentication. In this case study interview, two bank executives discuss what others can learn from the project.
The notion of API management in which enterprise architects, app developers and IT security experts work in harmony is great in theory. The reality, according to new research from Ovum, is much more scattered.
The Department of Justice has been granted a delay of a March 22 hearing relating to a court order compelling Apple to help the FBI unlock the iPhone 5C issued to San Bernardino shooter Syed Rizwan Farook. That's because it says it may have found a way to unlock the phone without Apple's assistance.
A watchdog agency's audit of the Department of Veterans Affairs makes nearly three dozen recommendations for how the VA should address "material weakness" in its information security program. The VA's CIO tells Congress all the issues raised will be addressed by the end of next year.
Non-jailbroken iOS devices can be hacked by exploiting Apple's digital rights management feature called FairPlay, according to security experts, who say the vulnerability poses a risk to enterprises.
In the world of the extended enterprise, everybody seeks greater visibility into network activity. But Gidi Cohen was there in 2002, founding Skybox Security to provide analytics to improve cybersecurity. Cohen discusses the evolution of visibility.
Best practice for the use and management of privileged accounts
is a topic that even experienced IT professionals find
complicated.
IT professionals need to ensure that important maintenance
and management tasks can be completed in a timely
manner, so they often share the passwords
for very powerful accounts...
Effectively managing privileged accounts (sometimes called
superuser accounts) is becoming more and more critical as
security and compliance emerge as the driving forces behind
most IT initiatives. Unfortunately, native tools and manual
practices for privileged account management are proving to be
inadequate for...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.