More cybersecurity drama, but some hope for defenders in 2018

More cybersecurity drama, but some hope for defenders in 2018

And this for the short descriptive sentence: From fileless malware attacks to attack attribution becoming more complex, 2018 won't offer less security drama. But there's still good reason for security professionals to be optimistic...

12/21/17

What the good guys are up against: a roundup of popular attack vectors

What the good guys are up against: a roundup of popular attack vectors

To help the defenders know what they’re up against, here are some of the attack vectors that have been frequently used in recent months

10/09/17

How security executives can feel comfortable in the boardroom and server room

How security executives can feel comfortable in the boardroom and server room

Successful CSOs and CISOs need to clearly articulate the importance of security to non-technical executives, show how security can help a company achieve its business goals and balance security with innovation.

05/23/17

Cyber crime as a service forces changes in information security

Cyber crime as a service forces changes in information security

The advent of cyber crime as a service means professional hackers are behind the keyboard, and organizations must change their approach information security.

04/26/17

What enterprises should take away from the CIA leak

What enterprises should take away from the CIA leak

Three lessons enterprises can learn from the recent WikiLeaks Vault 7 data leak that exposed CIA exploits.

03/28/17

To improve information security, enterprises and government must share information

To improve information security, enterprises and government must share information

No single entity can handle information security on its own. That means enterprises and government must cooperate and work together on it.

03/01/17

How to practice cybersecurity (and why it's different from IT security)

How to practice cybersecurity (and why it's different from IT security)

Cybersecurity isn’t about one threat or one firewall issue on one computer. It's about zooming out and getting a bigger perspective on what's going on in an IT environment.

01/30/17

Lax IoT device security threatens to pollute the internet

Lax IoT device security threatens to pollute the internet

DDoS attacks powered by hijacked IoT devices have the potential to do much more than take down popular websites.

12/21/16

Information security priorities for Trump's administration

Information security priorities for Trump's administration

Donald Trump's administration must emphasize that information security applies to all agencies and all Americans.

11/28/16

How the government can help businesses fight cyber attacks

How the government can help businesses fight cyber attacks

Companies need help from the U.S. government if they’re going to face adversaries who are using nation-state cyber attack techniques.

10/28/16

The future of security: A combination of cyber and physical defense

The future of security: A combination of cyber and physical defense

With more items gaining web connectivity as part of the Internet of Things movement, the need to protect physical devices from hackers will only increase.

09/29/16

Hack the vote: How attackers could meddle in November’s elections

Hack the vote: How attackers could meddle in November’s elections

Infiltrating electronic voting machines isn't the only way hackers can interfere with an election. Other hacks can prevent voters from heading to the polls.

08/25/16

Attack attribution does little to improve enterprise security

Attack attribution does little to improve enterprise security

Improving a company’s defenses should be the top priority after a hack, not spending time trying to attribute the attack.

07/29/16

Cybersecurity: Stop the attacker's offense, don’t do defense

Cybersecurity: Stop the attacker's offense, don’t do defense

To beat today's sophisticated hackers, enterprises need to stop the adversary's offense. A strong cybersecurity defense isn't enough.

07/01/16

Components of modern hacking operations

Components of modern hacking operations

Security professionals aren't fully aware of how detail-oriented hackers are when developing an attack campaign.

05/31/16

Rip up the script when assembling a modern security team

Rip up the script when assembling a modern security team

Characteristics that a modern security team needs to combat sophisticated hackers

04/29/16

What terrorism investigations can teach us about investigating cyber attacks

What terrorism investigations can teach us about investigating cyber attacks

Security professionals need to ditch the IT-based approach to investigating breaches and take a page from their law enforcement counterparts.

03/29/16

Hacking operations are as vulnerable as a house of cards

Hacking operations are as vulnerable as a house of cards

Last month I met with the security team at a major bank to discuss their detection capabilities. The head of the bank’s security operation center claimed that his organization’s security stack could detect certain threats but he was...

02/19/16

How my dyslexia launched my hacking career

How my dyslexia launched my hacking career

Security myopia is deeply embedded in the culture of cybersecurity teams. Moving past it requires swimming against a very strong current. In my view, it requires organizations to change their fundamental mindset about cyber defense.

01/27/16

Load More