More cybersecurity drama, but some hope for defenders in 2018

More cybersecurity drama, but some hope for defenders in 2018

And this for the short descriptive sentence: From fileless malware attacks to attack attribution becoming more complex, 2018 won't offer less security drama. But there's still good reason for security professionals to be optimistic...

12/21/2017

What the good guys are up against: a roundup of popular attack vectors

What the good guys are up against: a roundup of popular attack vectors

To help the defenders know what they’re up against, here are some of the attack vectors that have been frequently used in recent months

10/09/2017

How security executives can feel comfortable in the boardroom and server room

How security executives can feel comfortable in the boardroom and server room

Successful CSOs and CISOs need to clearly articulate the importance of security to non-technical executives, show how security can help a company achieve its business goals and balance security with innovation.

05/23/2017

Cyber crime as a service forces changes in information security

Cyber crime as a service forces changes in information security

The advent of cyber crime as a service means professional hackers are behind the keyboard, and organizations must change their approach information security.

04/26/2017

What enterprises should take away from the CIA leak

What enterprises should take away from the CIA leak

Three lessons enterprises can learn from the recent WikiLeaks Vault 7 data leak that exposed CIA exploits.

03/28/2017

To improve information security, enterprises and government must share information

To improve information security, enterprises and government must share information

No single entity can handle information security on its own. That means enterprises and government must cooperate and work together on it.

03/01/2017

How to practice cybersecurity (and why it's different from IT security)

How to practice cybersecurity (and why it's different from IT security)

Cybersecurity isn’t about one threat or one firewall issue on one computer. It's about zooming out and getting a bigger perspective on what's going on in an IT environment.

01/30/2017

Lax IoT device security threatens to pollute the internet

Lax IoT device security threatens to pollute the internet

DDoS attacks powered by hijacked IoT devices have the potential to do much more than take down popular websites.

12/21/2016

Information security priorities for Trump's administration

Information security priorities for Trump's administration

Donald Trump's administration must emphasize that information security applies to all agencies and all Americans.

11/28/2016

How the government can help businesses fight cyber attacks

How the government can help businesses fight cyber attacks

Companies need help from the U.S. government if they’re going to face adversaries who are using nation-state cyber attack techniques.

10/28/2016

The future of security: A combination of cyber and physical defense

The future of security: A combination of cyber and physical defense

With more items gaining web connectivity as part of the Internet of Things movement, the need to protect physical devices from hackers will only increase.

09/29/2016

Hack the vote: How attackers could meddle in November’s elections

Hack the vote: How attackers could meddle in November’s elections

Infiltrating electronic voting machines isn't the only way hackers can interfere with an election. Other hacks can prevent voters from heading to the polls.

08/25/2016

Attack attribution does little to improve enterprise security

Attack attribution does little to improve enterprise security

Improving a company’s defenses should be the top priority after a hack, not spending time trying to attribute the attack.

07/29/2016

Cybersecurity: Stop the attacker's offense, don’t do defense

Cybersecurity: Stop the attacker's offense, don’t do defense

To beat today's sophisticated hackers, enterprises need to stop the adversary's offense. A strong cybersecurity defense isn't enough.

07/01/2016

Components of modern hacking operations

Components of modern hacking operations

Security professionals aren't fully aware of how detail-oriented hackers are when developing an attack campaign.

05/31/2016

Rip up the script when assembling a modern security team

Rip up the script when assembling a modern security team

Characteristics that a modern security team needs to combat sophisticated hackers

04/29/2016

What terrorism investigations can teach us about investigating cyber attacks

What terrorism investigations can teach us about investigating cyber attacks

Security professionals need to ditch the IT-based approach to investigating breaches and take a page from their law enforcement counterparts.

03/29/2016

Hacking operations are as vulnerable as a house of cards

Last month I met with the security team at a major bank to discuss their detection capabilities. The head of the bank’s security operation center claimed that his organization’s security stack could detect certain threats but he was...

02/19/2016

How my dyslexia launched my hacking career

How my dyslexia launched my hacking career

Security myopia is deeply embedded in the culture of cybersecurity teams. Moving past it requires swimming against a very strong current. In my view, it requires organizations to change their fundamental mindset about cyber defense.

01/27/2016

Load More