Ransomware. Phishing. Credential stuffing. These are among the top threats to financial institutions of all sizes. But small-to-midsized ones are particularly challenged to detect and respond to threats. Arctic Wolf's Todd Thiemann discusses the value of managed detection and response.
As the HIPAA security rule turns 20, it's time for regulators to make updates reflecting the changing cyberthreat landscape and technological evolution that's happened over the past two decades, says security expert Tom Walsh.
Real-world incidents prove over and over again that many of the most widespread issues still stem from a lack of basic cyber hygiene. This report looks at where organizations are falling on the basics and outlines steps for establishing a strong foundation for security.
Download this industry-leading report to...
Although there's widespread agreement that addressing security early in the software development cycle is an essential component to any breach prevention strategy, implementing DevSecOps can prove challenging.
Securing the public cloud is not as challenging as it used to be, but too many organizations are still taking the wrong approach, says Microsoft's Jonathan Trull. Understanding the shared responsibility model for security is critical, he says.
Security silos persist because stakeholders within the enterprise security ecosystem are focused on their own key performance indicators, says Abdallah Zabian of DXC Technology, who suggests a more holistic approach is needed.
Forty-eight percent of customers drop the products and services of organizations that have had a publicly-disclosed data breach. This is but one of the findings of the new 2018 Global State of Online Digital Trust study commissioned by CA Technologies. CA's David Duncan analyzes the results.
Application control remains one of the best techniques for blocking the vast majority of malware threats; however, implementation often falters due to poor planning.
What the world needs now is Integrity
Established as part of the CIA triad, Integrity's certainly not new cybersecurity vocabulary. But it's the least understood. Integrity is about maintaining a desired state. File Integrity Monitoring (FIM) is the clearest example, but it's important to extend Integrity more...
With the rise in popularity of containers, development and DevOps paradigms are experiencing a massive shift. You may be struggling to figure out how to secure this new class of assets and the environments they reside in.
Download this comprehensive whitepaper for guidance on:
How to think beyond securing just...
Is your cloud still dripping important company data?
You're responsible for protecting the data you store in public cloud infrastructure. That may be obvious, but organizations continue to leave cloud data exposed. With so many ways to inadvertently expose your environment, maintaining secure configurations can be a...
Threat intelligence platforms (TIPs) are at that inflection point and security teams are asking themselves, "Should we build or buy a TIP?" However, the better question to ask is, "Just because we could build one, should we?"
Download this whitepaper to learn:
What a TIP should be;
9 key considerations in the...
All Threat Intelligence Platforms (TIPs) are designed to help organizations aggregate, correlate, and analyze threat data from multiple sources in real time to support defensive actions. They do for threat data from external sources what a security incident and event management (SIEM) platform does for internally...
One measure of why it's so difficult for organizations to keep their software patched and better secured: Of the nearly 20,000 unique vulnerabilities in 2,000 products cataloged last year, only half involved Microsoft, Adobe, Java, Chrome or Firefox software, says Flexera's Alejandro Lavie.
Reddit suffered a data breach in June after attackers managed to bypass its SMS-based two-factor authentication system. User data from 2007 and before was compromised. Security experts say the breach should serve as a reminder that using any two-factor authentication is better than none.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.
