Banking on Cloud Security

Data Breach Today

These are the results that banking institutions can receive by shifting security to the cloud, says David Vergara of OneSpan. "Better, cheaper, faster." At a time when multi-channel fraud is surging and the customer experience is paramount, cloud needs serious consideration, he says

Cloud 175

Using an 'Intrinsic Security' Approach

Data Breach Today

Organizations need to build security into their cloud environments to help thwart cyberthreats, says Tom Com of VMware, who describes this "intrinsic security" approach

Cloud 158

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Cloud Pak for Security

Data Breach Today

Cloud Pak for Security Digital transformation is accelerating. This webinar will take a deep dive into IBM's Cloud Pak for Security where you will learn how to: Gain insights without moving your data; Respond faster to secuirty incidents with automation and investigative capabilities; Run anywhere, connect security openly Organisations are adopting SAAS solutions at increasing rates to reduce internal IT constraints and budgets.

Cloud 158

FTC Settlement With Zoom Sets Security Requirements

Data Breach Today

Agency Requires Comprehensive Security Program As part of a settlement of allegations that Zoom "engaged in a series of deceptive and unfair practices that undermined the security of its users," the U.S.

How to Measure DevSecOps Progress and Ensure Success

Speaker: Shannon Lietz, Director of DevSecOps Team, Intuit

You've finally done it: You've won over C-Suite and your DevSecOps team is up and running. You feel ready to take on rising security threats while continuously delivering quality software updates. But how do you monitor your new program? Are you truly able to gauge the state of your projects? To ensure the success of this new breed of a team, you need to know the metrics to look at and how to advocate these metrics to C-Suite and stakeholders. Join Shannon Lietz, Leader and Director of DevsecOps at Intuit, and learn to lead your DevSecOps team to the top.

Tom Kellermann: Post-Election Security Analysis

Data Breach Today

election security measures seem to have worked. Cybersecurity Strategist Warns of Pre-Inauguration Nation-State Strikes The good news: U.S. The bad news: Disinformation and misinformation campaigns continue.

Ticketmaster Fined $1.7 Million for Data Security Failures

Data Breach Today

Its failure to properly secure chatbot software led to attackers stealing at least 9.4 Following Alerts of Potential Fraud, Ticketmaster Took 9 Weeks to Spot Big Breach Ticketmaster UK has been fined $1.7

Phishing Attacks Dodge Email Security

Data Breach Today

Cofense: Fraudsters Use Trusted Web Services to Evade Security Protocols A fresh round of phishing attacks is relying on using trusted services and a well-designed social engineering scheme to trick users into enabling malware to bypass an end point's security protocols, says Aaron Higbee of the security firm Cofense.

Detecting Network Security Incidents

Data Breach Today

ENISA's Rossella Mattioli Reviews New Report Rossella Mattioli, a network and information security expert at ENISA, the European Union Agency for Cybersecurity, discusses a new report offering insights on detecting network security incidents

Twitter Hires Famed Hacker 'Mudge' as Security Head

Data Breach Today

Peiter Zatko Will Help Social Media Firm That Faces Security Concerns Twitter has hired network security expert Peiter Zatko to serve in the newly created position of head of security following a series of high-profile cyber incidents.

Shift Left Security? Development Does Not Want to Own It.

Speaker: Shlomo Bielak, CTO, Benchmark Corp

Shifting security left to the earliest part of development is currently in the spotlight in the developer world. What teams are now discovering is, this approach results in misdirected ownership for developers and a frustrated security team. In the current climate, we cannot afford to let security implementations falter. It's time to manage your team's energies to maximize DevOps efficiency, all the while maintaining top security standards. Join Shlomo Bielak, and learn how to keep your DevSecOps team focused and connected without creating silos.

Election Security: A Harsh Assessment

Data Breach Today

Security Researcher, CISA Director Raise Serious Concerns A security researcher says voting equipment in the U.S. is still riddled with security flaws that opportunistic foreign adversaries could use to pose a threat to the November election.

Medical Device Security Alerts: The Latest Updates

Data Breach Today

More Devices Affected by 'Ripple20' Vulnerabilities Federal regulators have issued another round of security alerts about vulnerabilities in medical device products from several manufacturers, including an update on those affected by so-called "Ripple-20" flaws earlier identified in the Treck TCP/IP stack.

Nihilistic Password Security Questions

Schneier on Security

Uncategorized humor passwords security questionsPosted three years ago, but definitely appropriate for the times.

Microsoft: Iranian Hackers Targeted Security Experts

Data Breach Today

Spear-Phishing Campaign Aimed at Potential Attendees at 2 Upcoming Events A hacking group linked to Iran's government targeted over 100 security and policy experts who are potentially attending two upcoming security conferences with phishing emails designed to steal credentials and gather intelligence, according to Microsoft.

Mergers & Acquisitions: How to Handle Your Data feat. Oracle & Onna

Speaker: Lisa Ripley: Director of eDiscovery & Information Governance, Legal Operations at Oracle & Scott McVeigh: Senior Solutions Consultant, Onna

Lisa holds the CISSP - Certified Information Systems Security Professional certification. Mergers & Acquisitions: How to Handle your Data Featuring Oracle. WEBINAR REGISTRATION. Join us live Tuesday, October 20th, 2020 11am PST | 1pm CST | 2pm EST. First Name. Last Name.

Insurer Chubb Investigating 'Security Incident'

Data Breach Today

Maze Gang Claims Insurer Is a Victim, Emsisoft Reports Switzerland-based global insurance firm Chubb acknowledges that it's investigating a "security incident." Meanwhile, the Maze ransomware gang is claiming Chubb is its latest victim, according to researchers at the security firm Emsisoft

Building a Stronger Security Infrastructure

Data Breach Today

Peter Yapp, former deputy director at the UK's National Cyber Security Center, provides insights on building a stronger security infrastructure

Cisco's $2.6 Billion Network Security Patent Infringement

Data Breach Today

A judge found that it infringed on four patents held by network security firm Centripetal Networks

Redefining Security Analytics

Data Breach Today

Chronicle's Anton Chuvakin on How to Fill the Gaps for Analysts There are glaring holes in how enterprises currently tackle security analytics, and by redefining the approach, the analyst's role can be transformed. Dr. Anton Chuvakin of Chronicle explains how

Healthcare Supply Chain Security: Updated Guidance

Data Breach Today

With the escalation of cyberattacks on the healthcare sector during the COVID-19 pandemic, supply chain partners need to strengthen their security controls and defenses, say Vishwas Gadgil of pharmaceutical firm Merck and Ed Gaudet of the consultancy Censinet.

Leaked FinCEN Reports Reveal Sensitive Security Details

Data Breach Today

Suspicious Activity Reports Reveal Tools and Techniques to Adversaries, Experts Warn What will be the impact of the leak of investigatory documents from FinCEN - the U.S. Treasury Department's Financial Crimes Enforcement Network?

ISP Security: Do We Expect Too Much?

Dark Reading

With so many people now connecting to business networks from home routers, ISP security takes on heightened importance. But is the security provided by ISPs good enough to be the only security SMBs and remote employees need

NTT Security and WhiteHat Security Describe Deal

Data Breach Today

NTT's Khiro Mishra and WhiteHat's Craig Hinkley on Application Security NTT Security has signed a definitive agreement to acquire WhiteHat Security. NTT Security's Khiro Mishra and WhiteHat Security's Craig Hinkley say the deal will help bring more application security - and DevSecOps - products, services and smarts to more organizations

Security Blueprints of Many Companies Leaked in Hack of Swedish Firm Gunnebo

Krebs on Security

In March 2020, KrebsOnSecurity alerted Swedish security giant Gunnebo Group that hackers had broken into its network and sold the access to a criminal group which specializes in deploying ransomware.

Lack of Secure Coding Called a National Security Threat

Data Breach Today

The lack of secure coding is a pervasive and serious threat to national security, according to a new paper from the Institute for Critical Infrastructure Technology. In an interview, Rob Roy, co-author of the report, outlines what steps should be taken to encourage or enforce secure coding practices

Paper 213

Breaches Tied to Pharmacy Looting: Security Lessons

Data Breach Today

Walgreens and CVS Are Among the Chains Affected As more reports emerge regarding data breaches at pharmacy chains as a result of earlier break-ins and looting incidents during civil unrest, security experts are calling attention to important security issues, including the need to check physical security measures as well as encrypt mobile devices.

2020 Was a Secure Election

Schneier on Security

Over at Lawfare: “ 2020 Is An Election Security Success Story (So Far).” ” What’s more, the voting itself was remarkably smooth.

Changing Employee Security Behavior Takes More Than Simple Awareness

Threatpost

Designing a behavioral change program requires an audit of existing security practices and where the sticking points are.

Kubernetes Security

Schneier on Security

A good first step towards understand the security of this suddenly popular and very complex container orchestration system. Attack matrix for Kubernetes, using the MITRE ATT&CK framework. cybersecurity opensource securityengineering

Analysis: Keeping IoT Devices Secure

Data Breach Today

This edition of the ISMG Security Report analyzes whether IoT devices will outlive their security updates. Also featured: Why security spending needs to shift further upstream; could banks be custodians of identity

IoT 135

Securing the Modern Workplace

Data Breach Today

Now, how do you secure it? David Wagner of Zix on Rising to the Challenges of Cloud Remote workers, connected devices, cloud services and infrastructure - these are the elements of the new workplace. That's the challenge discussed by David Wagner, CEO of Zix

Cloud 135

9 New Tactics to Spread Security Awareness

Dark Reading

Employees are often your first line of security defense when the bad guys come calling -- providing your workers are properly trained. Security leaders share how they're raising awareness

IoT Unravelled Part 3: Security

Troy Hunt

Now for the big challenge - security. The "s" in IoT is for Security Ok, so the joke is a stupid oldie, but a hard truth lies within it: there have been some shocking instances of security lapses in IoT devices. IoT Security

IoT 90

Security Affairs newsletter Round 289

Security Affairs

Every week the best security articles from Security Affairs free for you in your email box. The post Security Affairs newsletter Round 289 appeared first on Security Affairs. A new round of the weekly SecurityAffairs newsletter arrived!

5G Security

Schneier on Security

The security risks inherent in Chinese-made 5G networking equipment are easy to understand. Since the internet, especially the "internet of things," is expected to rely heavily on 5G infrastructure, potential Chinese infiltration is a serious national security threat. But keeping untrusted companies like Huawei out of Western infrastructure isn't enough to secure 5G. The 5G security problems are threefold. It's really too late to secure 5G networks.

Multilayered Security Gets Personal

Data Breach Today

First Data's Tim Horton on Why Encryption Is Not Enough to Secure PII When large-scale data breaches started to proliferate more than a decade ago, security leaders called for end-to-end data encryption. But that approach no longer suffices, says First Data's Tim Horton, who calls for a new multilayered defense

Sharing Cloud Security Responsibilities

Data Breach Today

A cloud computing security model needs to be customized to fit how the cloud provider serves its clients, says privacy attorney Adam Greene

Cloud 121

3 Critical Security Conversations

Data Breach Today

Oscar Chavez-Arietta of Sophos on Key Topics The cloud, artificial intelligence and security as a service - these are the three critical conversations that security leaders need to be having with their business counterparts, says Oscar Chavez-Arietta, vice president, Latin America, at Sophos

Analysis: The Security of 5G Devices, Networks

Data Breach Today

Security Experts Outline Their Concerns So far, much of the discussion about 5G security has focused on avoiding the use of technology from Chinese manufacturers, including Huawei and ZTE. But security experts are increasingly concerned that 5G network and device providers rushing products to market aren't devoting enough attention to security