NTT Security and WhiteHat Security Describe Deal

Data Breach Today

NTT's Khiro Mishra and WhiteHat's Craig Hinkley on Application Security NTT Security has signed a definitive agreement to acquire WhiteHat Security.

3 Critical Security Conversations

Data Breach Today

Oscar Chavez-Arietta of Sophos on Key Topics The cloud, artificial intelligence and security as a service - these are the three critical conversations that security leaders need to be having with their business counterparts, says Oscar Chavez-Arietta, vice president, Latin America, at Sophos

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Multilayered Security Gets Personal

Data Breach Today

First Data's Tim Horton on Why Encryption Is Not Enough to Secure PII When large-scale data breaches started to proliferate more than a decade ago, security leaders called for end-to-end data encryption.

How Trump Hollowed Out US National Security

WIRED Threat Level

Security Security / National SecurityActing director of national intelligence Richard Grenell is just the latest in a cascade of temporary or vacant personnel in critical government positions. .

Boosting Secure Coding Practices

Data Breach Today

Carlos Pero of Zurich Insurance on Gaining Buy-In Carlos Pero, who heads cyber application security at Zurich Insurance, discusses how to get developers to buy in to secure coding practices

5G Security

Schneier on Security

The security risks inherent in Chinese-made 5G networking equipment are easy to understand. Since the internet, especially the "internet of things," is expected to rely heavily on 5G infrastructure, potential Chinese infiltration is a serious national security threat.

'Wartime' Security Mentality Revisited

Data Breach Today

Five years ago, cybersecurity executive Dave Merkel called upon enterprises to shed their "peacetime" mindsets and adopt a "wartime" stance against persistent cybercriminals and nation-state actors. How have they risen to that challenge

RSA Conference 2020: ISMG Spotlights Security Leaders

Data Breach Today

Over 200 Video Interviews With Experts Planned Information Security Media Group, a premier media partner at the annual RSA Conference, will conduct over 200 video interviews at this year's event with cybersecurity thought leaders, executives, CISOs and sponsors

Security Firm Prosegur Hit By Ryuk Ransomware

Data Breach Today

Incident May Have Disrupted Networked Security Cameras Global security company Prosegur has blamed Ryuk ransomware for a service disruption that started Wednesday, which may have hampered networked alarms.

Election Security

Schneier on Security

Stanford University's Cyber Policy Center has published a long report on the security of US elections. Summary: it's not good. nationalsecuritypolicy reports securityengineering threatmodels voting

Security Affairs newsletter Round 252

Security Affairs

The best news of the week with Security Affairs. 5 Ways artificial intelligence Is Being Used to Keep Sensitive Information Secure. DOD DISA US agency discloses a security breach. The post Security Affairs newsletter Round 252 appeared first on Security Affairs.

Cloud Security: Overcoming Roadblocks

Data Breach Today

While secure coding has always been an imperative, in a cloud-based environment, BMC Software's Rick Bosworth says it is especially critical since the liability does not rest with cloud services providers for secure configuration

Cloud 109

Lack of Secure Coding Called a National Security Threat

Data Breach Today

The lack of secure coding is a pervasive and serious threat to national security, according to a new paper from the Institute for Critical Infrastructure Technology. In an interview, Rob Roy, co-author of the report, outlines what steps should be taken to encourage or enforce secure coding practices

Update: Internet Security Threat Report

Data Breach Today

Kevin Haley of Symantec Shares Key Findings Kevin Haley of Symantec shares key findings from the company's latest Internet Security Threat Report

How IoT Changes Security

Data Breach Today

Steve Rog of ForeScout Technologies on Improving Security Hygiene The growth of IoT means traditional methods of security are inadequate, says Steve Rog of ForeScout Technologies, who calls for improvements in security hygiene

IoT 208

What the Marriott Breach Says About Security

Krebs on Security

Or a previously unknown security flaw gets exploited before it can be patched. They’re reshuffling the organizational chart so that people in charge of security report to the board, the CEO, and/or chief risk officer — anyone but the Chief Technology Officer.

The Unsexy Threat to Election Security

Krebs on Security

Much has been written about the need to further secure our elections, from ensuring the integrity of voting machines to combating fake news. Public confidence is at stake, even if the vote itself is secure.”

Own Your Cloud Security

Thales eSecurity

Secure. theme will help to encourage personal accountability and proactive behavior in digital privacy, security best practices, common cyber threats and cybersecurity careers. Specifically, AWS is responsible for the “security of the cloud”. Data security

Cloud 119

Securing Connected Medical Devices

Data Breach Today

Safi Oranski of CyberMDX Says to Secure Them, First You Have to Find Them A major challenge in ensuring medical device security is tracking all of these devices, says Safi Oranski of CyberMDX, who offers a review of other critical issues

Android 7.0+ Phones Can Now Double as Google Security Keys

Krebs on Security

and higher can now be used as Security Keys , an additional authentication layer that helps thwart phishing sites and password theft. But Google said starting this week, any mobile phone running Android 7.0+ (Nougat) can serve the same function as a USB-based security key.

Security Flaw Exposed Valid Airline Boarding Passes

Data Breach Today

Amadeus Patches Check-In Software Used by Hundreds of Airlines A vulnerability in global airline check-in software used by 500 airlines could have been exploited to download other individuals' valid boarding passes, potentially giving them access to restricted airport spaces, warns security expert David Stubley. The flaw in Amadeus travel software has now been fixed.

Best Practices for Device Security

Data Breach Today

Steve Hyman of Ordr on the Importance of Network Visibility As healthcare providers connect more and more devices to their networks, ensuring data security becomes far more complex, says Steve Hyman of Ordr, who describes best practices

Securing the 2020 Election

Data Breach Today

Brigadier General (retired) Francis X. Taylor Says 'Check Your Politics at the Door' In 2016, Retired Brigadier General Francis X. Taylor had a front-row seat to the election interference threat picture. Today, as a leader of U.S. CyberDome, what's his view on how well the U.S.

MIT Researchers: Online Voting App Has Security Flaws

Data Breach Today

Voatz Smartphone App Used in 2018 Vulnerable to Hacking, Report Alleges MIT security researchers have published a paper that describes several security flaws in Voatz, a smartphone app used for limited online voting during the 2018 midterm elections.

Paper 188

OnDemand Webinar | Using Security Ratings to Achieve Security Goals

Data Breach Today

How Ratings Can Be Leveraged To Improve Security Performance And Vendor Risk Management Watch this OnDemand webinar and learn how ratings be leveraged to improve security performance and vendor risk management

Risk 141

Building Security Into Cloud Migration

Data Breach Today

Microsoft's Terence Gomes on Cloud Security and Some Misconceptions It's essential that security be built into cloud migrations and not handled as an afterthought, says Terence Gomes of Microsoft

Cloud 141

Revisiting Election Security Threats

Data Breach Today

FBI's Elvis Chan on What's Being Done to Secure the 2020 Election Heading into the 2020 U.S. presidential election preseason, the FBI is squarely focused on defending against nation-state hacks or influence. Elvis Chan of the FBI talks about preparations for a cybersecure election

Digital Transformation: Security Best Practices

Data Breach Today

RSA's Holly Rollo on the Importance of Third-Party Risk Management Organizations going through a digital transformation need to make sure they develop a sound third-party risk management strategy, says RSA's Holly Rollo, who discusses best practices

Google: Security Keys Neutralized Employee Phishing

Krebs on Security

Google has not had any of its 85,000+ employees successfully phished on their work-related accounts since early 2017, when it began requiring all employees to use physical Security Keys in place of passwords and one-time codes, the company told KrebsOnSecurity.

Securing the Hyper-Connected Enterprise

Data Breach Today

Cequence Security's Larry Link on Defending the New Norm In today's hyper-connected enterprise, organizations are at risk of two different types of attack. Larry Link, CEO of Cequence Security, explains how to defend at a platform level - without adding friction

The State of API Security

Data Breach Today

Jacques Declas of 42Crunch on the Need for Frequent Security Updates The lifecycle of security needs to match the lifecycle of APIs, which get replaced very frequently, says Jacques Declas of 42Crunch

The Challenge of Secure Coding

Data Breach Today

Jeff Williams of Contrast Security on Why Application Security Is So Critical In today's highly connected, cloud-based environment, application security is more critical than ever, says Jeff Williams, co-founder and CTO of Contrast Security, who explains why

Cloud 168

EMV 3D Secure: Upcoming Milestones

Data Breach Today

Fiserv's Jackie Hersch on Compliance, Improving Fraud Defenses The EMV 3D Secure specification faces some milestone dates in Europe and the U.S. What are these milestones, and how does the standard fit into fundamental fraud defenses? Jackie Hersch of Fiserv shares insight

Strategies for Securing Digital Transformation

Data Breach Today

PJ Maloney and William 'Buck' Houston on Steps to Bolster Cyber Defense Digital transformation is the buzz across all sectors, but it poses significant security risks to enterprises.

Enhancing Security Governance

Data Breach Today

Longtime CISO Vito Sardanopoli on Building an Effective Security Program A formal security program that spells out precise governance components is critical to protecting sensitive data, says Vito Sardanopoli, who served on the U.S.

NIST Issues Draft Guidance for Securing PACS

Data Breach Today

Tips on Keeping Picture Archiving and Communications Systems Secure New draft guidance from the National Institute of Standards and Technology aims to help healthcare organizations improve the security of picture archiving and communications systems, or PACS

Balancing Digital Transformation and Security

Data Breach Today

Kaspersky's Claire Hatcher Describes a Layered Approach As companies go through a digital transformation, they should keep security top of mind, says Claire Hatcher of Kaspersky, who describes a layered approach