A new initiative by the Cyber Readiness Institute aims to promote best cybersecurity and vendor risk management practices to smaller enterprises. RiskRecon founder and CEO Kelly White offers his perspective on converting standards to practices.
A recent analyst report stated 80% of respondents confirmed the use of Web Application Firewalls (WAFs) to protect public-facing websites and applications, but most have remained concerned their WAFs may not be covering all of their security requirements. Your basic WAFs could be risking your data to theft and...
It's a fair question: Can you trust the fraud advice you're given from a former fraudster? Especially one who's betrayed law enforcement before? Brett Johnson says he's abandoned crime for good, and he shares insight on the types of fraud schemes he once practiced.
The U.K. has approved a plan to build a cutting-edge court complex in London designed to handle cybercrime, fraud and economic crime. The facility is expected to be a growth driver for the country's legal industry, despite the U.K.'s pending withdrawal from the European Union.
Leading the latest edition of the ISMG Security Report: CipherTrace CEO Dave Jevans discusses recent research on cryptocurrency money laundering and whether regulation is possible. Plus, California passes a new privacy law.
Patch management problem: Organizations must identify and fix all new vulnerabilities in their software and hardware as quickly as possible. Unfortunately, on average, attackers keep exploiting flaws faster than they're being patched, says Tenable's Gavin Millard.
With endpoint security, the fundamental concept was always to detect and prevent. Mature security strategies today are increasingly looking at response and remediation as well to complete the cycle, says Shrenik Bhayani of Kaspersky Lab.
To have any hope of keeping up "with the exponential rise in variants in malware," organizations must reduce their attack surface, in part by using technology designed to learn what attacks look like and respond as quickly as possible, says Cylance's Anton Grashion.
Companies are sending notification emails about a data breach at Typeform, a software-as-a-service platform for distributing and managing surveys, questionnaires and competitions. The breach is so far known to affect Travelodge, Fortnum & Mason, Monzo bank and the Tasmanian Electoral Commission.
Businesses undertaking digital transformation - typically involving a push to the cloud, amongst other initiatives - must put security first if they want their project to achieve optimum success, says Fortinet's Patrick Grillo.
The difficulty in hiring new information security personnel and need to combat the ever-rising number of threats is driving many organizations to seek increased incident response automation, and in many cases to get it by working with managed security service providers, says AlienVault's Mike LaPeters.
As organizations move more data into the cloud, too many are treating security as an afterthought, says Outpost24's Bob Egner. Instead, as part of an agile development program, he recommends making penetration testing a constant, and using solid DevSecOps to maintain optimal cloud data security.
Much more must be done to shore up the U.K.'s national infrastructure. "It's partly austerity, and it's partly what's happening in the global economy, but we've really seen an underinvestment, specifically in the critical national infrastructure," says LogRhythm's Ross Brewer.
The ThreatConnect platform was created to transform the way cybersecurity professionals do their work. While threat intelligence is still an evolving field of cybersecurity, it is important to note that with the actionable knowledge of incoming threats, a security team is able to prevent, detect, and respond to those...
Whether you are getting started with TI or seeking to expand an existing program, the Threat Intelligence Maturity Model provides a systematic guide to help you understand where your organization resides on the path to a mature threat intelligence program and how it can better apply threat intelligence to drive...