What the Marriott Breach Says About Security

Krebs on Security

Or a previously unknown security flaw gets exploited before it can be patched. They’re reshuffling the organizational chart so that people in charge of security report to the board, the CEO, and/or chief risk officer — anyone but the Chief Technology Officer.

How IoT Changes Security

Data Breach Today

Steve Rog of ForeScout Technologies on Improving Security Hygiene The growth of IoT means traditional methods of security are inadequate, says Steve Rog of ForeScout Technologies, who calls for improvements in security hygiene

IoT 208

How the U.S. Govt. Shutdown Harms Security

Krebs on Security

As a nation, we are much less safe from a cyber security posture than we were a month ago.” “These are criminal investigations involving national security. “In the past week, the number of outdated Web security certificates held by U.S. The ongoing partial U.S.

Enhancing Security Governance

Data Breach Today

Longtime CISO Vito Sardanopoli on Building an Effective Security Program A formal security program that spells out precise governance components is critical to protecting sensitive data, says Vito Sardanopoli, who served on the U.S.

Improving Healthcare Security Education

Data Breach Today

Wombat's Gretel Egan on How to Take a Fresh Approach to the Awareness Challenge As attackers increasingly take advantage of users' risky behavior, enterprise security leaders are taking steps to improve end-user security education.

How to Shop Online Like a Security Pro

Krebs on Security

Here are some other safety and security tips to keep in mind when shopping online: -WHEN IN DOUBT, CHECK ‘EM OUT: If you don’t know much about the online merchant that has the item you wish to buy, take a few minutes to investigate its reputation.

How To 276

Securing the News

Data Breach Today

s Deputy CISO on the Challenge of Ensuring Content Security In this era of "fake news," Time Inc. Time Inc.'s Deputy CISO Preeti Palanisamy takes seriously the challenge of maintaining the integrity of journalism from content creation through production and eventual publication

Applying Secure Multiparty Computation Technology

Data Breach Today

Israel-based Yehuda Lindell, a cryptography professor, describes how to use secure multiparty computation technology to protect cryptographic keys and describes other potential security applications

Security Vulnerabilities in Star Wars

Data Breach Today

A fun video describing some of the many Empire security vulnerabilities in the first Star Wars movie. Happy New Year, everyone. humor securityawareness video vulnerabilities

Why Perimeter Security Still Matters

Data Breach Today

Adam Bixler of Netscout on Countering Evolving Attacks Why do CISOs need to continue to pay attention to perimeter security? Adam Bixler of Netscout Systems provides insights on the importance of countering rapidly evolving perimeter attacks

2019 IoT Security Outlook

Data Breach Today

DigiCert just conducted a global study of how organizations across sectors are approaching IoT security. What are some of the best practices of the organizations that emphasize securing connected devices? Mike Nelson of DigiCert shares the findings

IoT 117

A Chief Security Concern for Executive Teams

Krebs on Security

Virtually all companies like to say they take their customers’ privacy and security seriously, make it a top priority, blah blah. That’s because very few of the world’s biggest companies list any security executives in their highest ranks.

Key Security Considerations for AI and Robotics

Data Breach Today

As the use of artificial intelligence tools and robotics continues to grow, it's crucial for organizations to assess the potential security risks posed, says attorney Stephen Wu, who reviews key issues in an interview

Application Security: What Causes Inertia?

Data Breach Today

Joseph Feiman of WhiteHat Security on the Need for Cultural Change Application security is not improving because about 60 percent of vulnerabilities never get fixed, says Joseph Feiman of WhiteHat Security

Securing Multicloud Environments

Data Breach Today

Cisco's Harry Dogan Outlines the Challenges in Managing Security The growing use of multiple cloud services in enterprises is creating new security challenges, says Cisco's Harry Dogan, who shares common mistakes and fixes

Security Risks of Chatbots

Schneier on Security

Good essay on the security risks -- to democratic discourse -- of chatbots. lies nationalsecuritypolicy propaganda risks

Risk 100

Another Healthcare Website Security Issue Revealed

Data Breach Today

Tandigm Health Reports Vulnerability in Physician Portal In yet another sign that website security issues are far too common in the healthcare sector, Tandigm Health says a vulnerability on a physician portal potentially exposed patient data

Cloud Security: Beyond CASB

Data Breach Today

Oracle's Amit Zavery on Taking a Comprehensive Approach Cloud access security brokers are not a panacea for all cloud security problems, says Oracle's Amit Zavery, who advocates an end-to-end approach

Cloud 130

Supply Chain Security 101: An Expert’s View

Krebs on Security

alongside Tony Sager , senior vice president and chief evangelist at the Center for Internet Security and a former bug hunter at the U.S. National Security Agency. Tony Sager, senior vice president and chief evangelist at the Center for Internet Security.

Scanning for Flaws, Scoring for Security

Krebs on Security

Is it fair to judge an organization’s information security posture simply by looking at its Internet-facing assets for weaknesses commonly sought after and exploited by attackers, such as outdated software or accidentally exposed data and devices?

Bad Consumer Security Advice

Schneier on Security

There are lots of articles about there telling people how to better secure their computers and online accounts. If you or someone you know is 18 or older, you need to create a Social Security online account. But why limit it to the Social Security Administration?

Health Data Security: The Most Promising Technologies

Data Breach Today

Analytics, artificial intelligence and machine learning are increasingly playing promising roles in healthcare data security, say Ron Mehring, CISO at Texas Health Resources, a large delivery system, and Axel Wirth of Symantec, a technology vendor.

3 Top Security Challenges in Healthcare

Data Breach Today

Chris Bowen of ClearDATA on Improving 'Change Management' Understanding where data is stored so it can be protected, overcoming security misconfiguration and improving vendor management diligence are three top challenges for healthcare organizations, says Chris Bowen of ClearDATA

Czech cyber-security agency warns over Huawei, ZTE security threat

Security Affairs

A Czech cyber-security agency is warning against using Huawei and ZTE technologies because they pose a threat to state security. The post Czech cyber-security agency warns over Huawei, ZTE security threat appeared first on Security Affairs.

OT Security: Best Practices for CISOs

Data Breach Today

L&T Group CISO Uday Deshpande on Securing Operational Technology The lack of standardization is one of the significant challenges when securing OT environments. Customizing and aligning OT security with the business is key, says Uday Deshpande, CISO at Mumbai-based L&T Group

Groups 157

RSA 2019 Blog Series: Securing Microservices

Thales Data Security

Every once in a while, a new transformative architecture emerges, which challenges how we think about applications and our understanding of how to build and operate them securely. What are the requirements of secure microservices? Data security

Blog 67

New IoT Security Regulations

Schneier on Security

This is the Internet of Things, and it's a security nightmare. By developing more advanced security features and building them into these products, hacks can be avoided. Consumers will buy products without proper security features, unaware that their information is vulnerable.

IoT 109

The Need for Security Collaboration

Data Breach Today

Saba Shariff of Symcor discusses techniques for greater collaboration on security Saba Shariff of Symcor on Improving Anti-Fraud Efforts Today's cybercriminals don't operate in silos, so why do companies?

Allure Security: Protecting Data

Data Breach Today

CEO Mark Jaffe on How to Protect What the Adversaries Really Want Mark Jaffe is less concerned about how adversaries breach networks, but more concerned about how to secure their actual target - critical data. His startup company, Allure Security, intends to help secure that data

Your Garage Opener Is More Secure Than Industrial Remotes

Data Breach Today

To address the issue, manufacturers need to move away from proprietary communication protocols and embrace secure standards, such as Bluetooth Low Energy

Medical Devices: The Long Road to Security

Data Breach Today

Fortinet's Sonia Arista Brings CISO's Perspective to Security Solutions As a former healthcare CISO, Fortinet's Sonia Arista has a unique perspective on how cybersecurity vendors can best assist in the ongoing challenge of securing critical medical devices

The Need to Look Beyond Endpoint Security

Data Breach Today

Kaspersky's Bhayani on Evolving to Predictive Analytics and Response With endpoint security, the fundamental concept was always to detect and prevent.

Offensive Security announced the release of Kali Linux 2019.1

Security Affairs

It’s official, Offensive Security announced the release of Kali Linux 2019.1, On Monday, Offensive Security announced the availability of Kali Linux 2019.1, The post Offensive Security announced the release of Kali Linux 2019.1 appeared first on Security Affairs.

Democratic Senators Introduce Data Security Legislation

Data Breach Today

Separately, Digital Rights Group Pushes for National Privacy Law Democratic senators have introduced yet another version of data security legislation that would create a federal breach notification requirement.

The Latest Privacy, Security Legislative Developments

Data Breach Today

Senators Introduce Proposal; Advocacy Group Crafts Broader Model Democratic senators have introduced yet another version of data security legislation that would create a federal breach notification requirement.

Fortinet's Sonia Arista on Securing the Digital Enterprise

Data Breach Today

Listen to the latest on security's role in digital transformation, as well as visibility challenges facing the security industry

Japan's IoT Security Strategy: Break Into Devices

Data Breach Today

Nation to Allow Researchers to Brute-Force 200 Million Devices Japan plans to identity vulnerable internet of things devices the same way hackers do: by trying to log into them. The country wants to gauge its cybersecurity readiness for next year when it hosts the summer Olympics. If vulnerable devices are found, the plan is to notify device owners

Securing Software Automation, Orchestration

Data Breach Today

Seeking better operational efficiency and ROI, many enterprises have begun significant software automation and orchestration efforts without accounting for the inherent security risks they may bring, says Jeffery Kok of CyberArk

Mergers & Acquisitions: Privacy and Security Considerations

Data Breach Today

How do data privacy and security matters affect organizations that are contemplating a merger or acquisition? Attorney Iliana Peters offers insights into cybersecurity, data breach and compliance issues that can potentially doom a deal

Securing Elections

Schneier on Security

They're computers -- often ancient computers running operating systems no longer supported by the manufacturers -- and they don't have any magical security technology that the rest of the industry isn't privy to. We can securely bank online, but can't securely vote online.