NTT Security and WhiteHat Security Describe Deal

Data Breach Today

NTT's Khiro Mishra and WhiteHat's Craig Hinkley on Application Security NTT Security has signed a definitive agreement to acquire WhiteHat Security.

Android 7.0+ Phones Can Now Double as Google Security Keys

Krebs on Security

and higher can now be used as Security Keys , an additional authentication layer that helps thwart phishing sites and password theft. But Google said starting this week, any mobile phone running Android 7.0+ (Nougat) can serve the same function as a USB-based security key.

Securing the Hyper-Connected Enterprise

Data Breach Today

Cequence Security's Larry Link on Defending the New Norm In today's hyper-connected enterprise, organizations are at risk of two different types of attack. Larry Link, CEO of Cequence Security, explains how to defend at a platform level - without adding friction

Revisiting Election Security Threats

Data Breach Today

FBI's Elvis Chan on What's Being Done to Secure the 2020 Election Heading into the 2020 U.S. presidential election preseason, the FBI is squarely focused on defending against nation-state hacks or influence. Elvis Chan of the FBI talks about preparations for a cybersecure election

What the Marriott Breach Says About Security

Krebs on Security

Or a previously unknown security flaw gets exploited before it can be patched. They’re reshuffling the organizational chart so that people in charge of security report to the board, the CEO, and/or chief risk officer — anyone but the Chief Technology Officer.

Securing Smartphones from Eavesdropping

Data Breach Today

Mike Fong of Privoro Discusses Smartphone Encryption Smartphone security is paramount for certain scenarios, but software based encryption has been shown to be insufficient.

How IoT Changes Security

Data Breach Today

Steve Rog of ForeScout Technologies on Improving Security Hygiene The growth of IoT means traditional methods of security are inadequate, says Steve Rog of ForeScout Technologies, who calls for improvements in security hygiene

IoT 208

Cloud Security: How the Dialogue Has Shifted

Data Breach Today

Palo Alto Network's Matt Chiodi on the Evolution of Public Cloud Security In just five years' time, the public cloud security conversation has changed dramatically, says Matt Chiodi of Palo Alto Networks. But security leaders still struggle with visibility and compliance

Cloud 211

Managing Security Stack Sprawl

Data Breach Today

See how stateless technology can protect you from inbound attacks and more efficiently block outbound threats. See how stateless technology can protect you from inbound attacks and more efficiently block outbound threats

The Impact of Digital Transformation on Security

Data Breach Today

Kory Daniels of Trustwave on Scaling Security at the Speed of Business Identifying the data gaps in the rapidly expanding attack surface is critical to allow more sophisticated preventive and response capabilities, says Kory Daniels of Trustwave

Security's Role in Digital Transformation

Data Breach Today

GE Digital's Al Ghous on How CISOs Can Influence the Change Security has the opportunity - or challenge - to help drive digital transformation within the enterprise. Al Ghous of GE Digital describes how security leaders can maximize their influence and avoid potholes

7 Hard Truths About Blockchain Security

InfoGoTo

Experts tout blockchain security — but how safe is blockchain technology? Blockchain secures data because its distributed nature prevents a single point of system failure. Before you invest in blockchain, consider these seven hard truths about its security. Hackers will always find new ways around blockchain security. Blockchain As Security, or Securing the Blockchain?

Enhancing Office 365 to Securely Manage and Share Sensitive Information

Data Breach Today

Email is still the fundamental driver for Office 365 and the biggest risk to data security and compliance. Email is still the fundamental driver for Office 365 and the biggest risk to data security and compliance

Enhancing Security Governance

Data Breach Today

Longtime CISO Vito Sardanopoli on Building an Effective Security Program A formal security program that spells out precise governance components is critical to protecting sensitive data, says Vito Sardanopoli, who served on the U.S.

Essentials of Supply Chain Security

Data Breach Today

Matan Or-El, CEO of Panorays, discusses the weakest links of supply chain security and how to strengthen them with automated tools

The Challenge of Securing Cryptocurrencies

Data Breach Today

Ondrej Krehel of LIFARS Outlines Fraud Vulnerabilities Cryptocurrency exchanges have been notable targets for fraudsters, says Ondrej Krehel of LIFARS, who describes their vulnerabilities

Improving Healthcare Security Education

Data Breach Today

Wombat's Gretel Egan on How to Take a Fresh Approach to the Awareness Challenge As attackers increasingly take advantage of users' risky behavior, enterprise security leaders are taking steps to improve end-user security education.

Advancing Security Operations With Managed Detection and Response

Data Breach Today

Organizations face a variety of security challenges as they attempt to secure their environments from the ever-changing threat landscape.

The Role of 'Prosilience' in IoT Security

Data Breach Today

The latest edition of the ISMG Security Report features a discussion of the role of "prosilience" in IoT security, plus the problem of overnotification under GDPR and the notion of "Spartacus as a Service

IoT 188

How the U.S. Govt. Shutdown Harms Security

Krebs on Security

As a nation, we are much less safe from a cyber security posture than we were a month ago.” “These are criminal investigations involving national security. “In the past week, the number of outdated Web security certificates held by U.S. The ongoing partial U.S.

Engineering Secure Systems

Thales eSecurity

Ensuring that systems behave only how a designer intends is a central aspect of security. A security-enforcing system will take the context of available information measured against policy to determine whether an operation should be permitted or denied. MBSE and security engineering.

Google: Security Keys Neutralized Employee Phishing

Krebs on Security

Google has not had any of its 85,000+ employees successfully phished on their work-related accounts since early 2017, when it began requiring all employees to use physical Security Keys in place of passwords and one-time codes, the company told KrebsOnSecurity.

2019 IoT Security Outlook

Data Breach Today

DigiCert just conducted a global study of how organizations across sectors are approaching IoT security. What are some of the best practices of the organizations that emphasize securing connected devices? Mike Nelson of DigiCert shares the findings

IoT 142

The Critical Need for Application Security

Data Breach Today

Jeff Williams of Contrast Security on Self-Protecting Software Secure code remains a problem for all software. Jeff Williams of Contrast Security explains a new approach - protecting code from within

How to Shop Online Like a Security Pro

Krebs on Security

Here are some other safety and security tips to keep in mind when shopping online: -WHEN IN DOUBT, CHECK ‘EM OUT: If you don’t know much about the online merchant that has the item you wish to buy, take a few minutes to investigate its reputation.

How To 283

Offering Customers Trusted Digital Security

Thales eSecurity

Together, Thales and Gemalto will have the ability to cover the digital needs of our customers and partners, in civilian and defense businesses, across all Thales market segments, with a unique portfolio of advanced technologies in the fields of digital security and the Internet of Things.

Perpetual 'Meltdown': Security in the Post-Spectre Era

Data Breach Today

Securing the News

Data Breach Today

s Deputy CISO on the Challenge of Ensuring Content Security In this era of "fake news," Time Inc. Time Inc.'s Deputy CISO Preeti Palanisamy takes seriously the challenge of maintaining the integrity of journalism from content creation through production and eventual publication

Applying Secure Multiparty Computation Technology

Data Breach Today

Israel-based Yehuda Lindell, a cryptography professor, describes how to use secure multiparty computation technology to protect cryptographic keys and describes other potential security applications

Security Vulnerabilities in Star Wars

Data Breach Today

A fun video describing some of the many Empire security vulnerabilities in the first Star Wars movie. Happy New Year, everyone. humor securityawareness video vulnerabilities

Why Perimeter Security Still Matters

Data Breach Today

Adam Bixler of Netscout on Countering Evolving Attacks Why do CISOs need to continue to pay attention to perimeter security? Adam Bixler of Netscout Systems provides insights on the importance of countering rapidly evolving perimeter attacks

The Role of AI, Machine Learning in Email Security

Data Breach Today

Adrien Gendre of Vade Secure on Infrastructure Protection Machine learning models and artificial intelligence are transforming the way email is secured, says Adrien Gendre of Vade Secure

Why Businesses Must Maintain Better Security Foundations

Data Breach Today

Piero DePaoli of ServiceNow Offers Breach Prevention Advice Many breached businesses lack the foundational controls that would have helped to prevent a data breach, says Piero DePaoli, senior director of security and risk at ServiceNow

Raising the Bar on Browser Security

Data Breach Today

When it comes to browser security, one mistake made by consumers and enterprise alike is that they see the browser as a one-way window into the internet. The reality is quite different - and potentially costly if overlooked, says Pieter Arntz of Malwarebytes

Application Security: What Causes Inertia?

Data Breach Today

Joseph Feiman of WhiteHat Security on the Need for Cultural Change Application security is not improving because about 60 percent of vulnerabilities never get fixed, says Joseph Feiman of WhiteHat Security

A Chief Security Concern for Executive Teams

Krebs on Security

Virtually all companies like to say they take their customers’ privacy and security seriously, make it a top priority, blah blah. That’s because very few of the world’s biggest companies list any security executives in their highest ranks.

Securing Multicloud Environments

Data Breach Today

Cisco's Harry Dogan Outlines the Challenges in Managing Security The growing use of multiple cloud services in enterprises is creating new security challenges, says Cisco's Harry Dogan, who shares common mistakes and fixes

Huawei Security Shortcomings Cited by British Intelligence

Data Breach Today

Leveraging Analytics for More Effective Security Performance Management

Data Breach Today

How to measure your security performance and ensure ROI on your technology investments. Security ratings and the analytics they provide give businesses a unique insight into their security performance and posture in relation to their peer group

Programmers Who Don't Understand Security Are Poor at Security

Schneier on Security

A university study confirmed the obvious: if you pay a random bunch of freelance programmers a small amount of money to write security software, they're not going to do a very good job at it. I don't know why anyone would expect this group of people to implement a good secure password system.