Security operations and management
Cybersecurity operations and management are vital to protect enterprises against cyber threats. Learn how to create and manage infosec programs and SOCs, perform incident response and automate security processes. Also read up on security laws and regulations, best practices for CISOs and more.
Top Stories
-
News
03 Oct 2024
Microsoft SFI progress report elicits cautious optimism
Infosec experts say the Secure Future Initiative progress report shows Microsoft has made important changes to its policies, practices and accountability structures. Continue Reading
By- Alexander Culafi, Senior News Writer
-
Podcast
03 Oct 2024
Microsoft security overhaul offers blueprint for SecOps
Better late than never: Microsoft lags major cloud competitors in making security a top priority. But other enterprises might learn from how the company is catching up. Continue Reading
By- Beth Pariseau, Senior News Writer
-
News
28 Feb 2018
Visa reports EMV chip cards thwart fraud, but criminals adapting
Visa points to a 70% drop in fraud due to EMV chip cards, as consumers and merchants adopt the new payment card technology. But criminals are shifting their own focus to adapt. Continue Reading
By- Peter Loshin, Former Senior Technology Editor
-
Podcast
27 Feb 2018
Risk & Repeat: Is the cyberthreat landscape shifting to cryptomining?
In this week's Risk & Repeat podcast, SearchSecurity editors discuss how new attacks, like cryptojacking, may be supplanting previous top cyberthreats, such as ransomware. Continue Reading
By- Rob Wright, Senior News Director
-
News
22 Feb 2018
SEC cybersecurity disclosure rules get a guidance update
The U.S. Securities and Exchange Commission introduced new SEC cybersecurity disclosure rules to prevent insider trading related to data breaches and other security incidents. Continue Reading
By- Peter Loshin, Former Senior Technology Editor
-
News
22 Feb 2018
GDPR data breach notification is just one piece of EU privacy puzzle
With the EU's General Data Protection Regulation looming, Qualys' Darron Gibbard discusses GDPR data breach notifications, and more with the EU's new privacy law. Continue Reading
By- Peter Loshin, Former Senior Technology Editor
-
Podcast
19 Feb 2018
Risk & Repeat: Cyberinsurance market gets a shake-up
In this week's Risk & Repeat podcast, SearchSecurity editors discuss a new industry partnership designed to give Apple and Cisco customers beneficial cyberinsurance policies. Continue Reading
By- Rob Wright, Senior News Director
-
Tip
14 Feb 2018
How to prevent SQL injection attacks in your enterprise
SQL injection attacks threaten enterprise database security, but the use of cloud services can reduce the risk. Here's a look at some alternative SQL injection protection methods. Continue Reading
By- Frank Siemons, RedSec
-
Answer
13 Feb 2018
How should BGP route hijacking be addressed?
A new report from NIST shows how BGP route hijacking can threaten the internet. Expert Judith Myerson reviews the guidance for improving BGP security. Continue Reading
-
News
08 Feb 2018
DoJ breaks up Infraud Organization with some help
The U.S. Department of Justice announced the shutdown of the Infraud Organization, which authorities claim is responsible for global cyberfraud losses in excess of $530 million. Continue Reading
By- Peter Loshin, Former Senior Technology Editor
-
Tip
07 Feb 2018
Cloud security lessons to learn from the Uber data breach
Any organization that uses cloud services can learn something from the 2016 Uber data breach. Expert Ed Moyle explains the main takeaways from the massive breach. Continue Reading
By- Ed Moyle, Drake Software
-
Feature
01 Feb 2018
CISOs map out their cybersecurity plan for 2018
What's on the short list for enterprise cybersecurity programs in the coming year? As attack vectors increase -- think IoT -- we ask information security leaders to discuss their plans. Continue Reading
-
E-Zine
01 Feb 2018
Cybersecurity roadmap: What's driving CISOs' agendas for 2018
Omar F. Khawaja, CISO at Highmark Health, has five areas of focus on his cybersecurity roadmap, and technology is not at the top of the list. Instead, he is prioritizing organizational change management and building an effective decision-making framework for the security leaders of the national healthcare provider and insurer.
While Khawaja's cybersecurity roadmap may sound ambitious, his focus on risk management and team decision-making to align the security program with the healthcare organization's business strategy is far from unique. Studies show that executives increasingly recognize that a cyberattack could cripple their operations and mean millions in lost business and reputational damage as well as in cleanup costs.
"CISOs are now charged with defending this digital infrastructure, and that includes software everywhere and data as a resource, and that's a massive change at a time when the attack surface keeps expanding," says Jeff Pollard, an analyst at Forrester Research.
In this issue of Information Security magazine, security professionals detail the process of developing effective one-year plans. Why do companies struggle to strengthen their cybersecurity roadmap? We look at effective planning, what could go wrong and how to get support for your strategy.
Continue Reading -
News
26 Jan 2018
FBI encryption argument draws fire from senator
Sen. Ron Wyden challenged the FBI encryption argument and asked the FBI director to be transparent about claims that lawful access could be provided securely. Continue Reading
By- Michael Heller, TechTarget
- 26 Jan 2018
-
Podcast
24 Jan 2018
Risk & Repeat: Backdoor access, strong encryption debate rolls on
In this week's Risk & Repeat podcast, SearchSecurity editors discuss the FBI's continued criticism of encrypted devices and the risks of vendor-created backdoor access points. Continue Reading
By- Rob Wright, Senior News Director
-
News
16 Jan 2018
CIA attributes NotPetya attacks to Russian spy agency
The CIA reportedly concluded that Russia's foreign intelligence agency created and was responsible for the NotPetya attacks against Ukraine in June. Continue Reading
By- Michael Heller, TechTarget
-
Tip
10 Jan 2018
The 12 biggest cloud security threats, according to the CSA
The Cloud Security Alliance reported what it found to be the biggest cloud security threats. Expert Rob Shapland looks at how cloud risks compare to on-premises risks. Continue Reading
By- Rob Shapland, Falanx Cyber
-
News
09 Jan 2018
NIST botnet security report recommendations open for comments
Federal agencies opened public comments on a draft botnet security report born from the 2017 White House cybersecurity executive order, and experts are generally favorable. Continue Reading
By- Michael Heller, TechTarget
-
News
05 Jan 2018
Huge coordinated vulnerability disclosure needed for Meltdown
Unprecedented Spectre and Meltdown CPU flaws required a vast coordinated vulnerability disclosure effort over six months and across dozens of organizations. Continue Reading
By- Michael Heller, TechTarget
-
Podcast
29 Dec 2017
Risk & Repeat: Cybersecurity predictions for 2018
In this week's Risk & Repeat podcast, SearchSecurity editors offer their cybersecurity predictions for 2018, including forecasts for cryptojacking, DDoS attacks and other threats. Continue Reading
By- Rob Wright, Senior News Director
-
News
20 Dec 2017
White House WannaCry attribution leaves unanswered questions
The White House's WannaCry attribution included the broad strokes, experts say, but the case avoided some key pieces of information, such as the role of the NSA in the attacks. Continue Reading
By- Michael Heller, TechTarget
-
News
19 Dec 2017
North Korea behind WannaCry attacks, White House says
The White House officially said North Korea was behind the WannaCry attacks, and it credited Facebook and Microsoft for work in attribution. But it left questions unanswered. Continue Reading
By- Michael Heller, TechTarget
-
News
14 Dec 2017
Mirai creators and operators plead guilty to federal charges
The Department of Justice announced guilty pleas from the three Mirai creators and operators behind the massive worldwide botnet DDoS attacks in 2016. Continue Reading
By- Michael Heller, TechTarget
-
Podcast
14 Dec 2017
Risk & Repeat: The Bitcoin boom and its infosec effects
In this week's Risk & Repeat podcast, SearchSecurity editors discuss the recent bitcoin boom and how the cryptocurrency's rising value could affect the cybersecurity landscape. Continue Reading
By- Rob Wright, Senior News Director
-
News
07 Dec 2017
Army cyber officer hiring to build the future of warfare
A new initiative plans Army cyber officer hiring over the course of five years, but experts are skeptical it can attract the best candidates away from the private sector. Continue Reading
By- Michael Heller, TechTarget
-
News
04 Dec 2017
Ex-NSA employee pleads guilty to removing classified data
The former NSA employee reportedly responsible for exposing classified data to Russian government hackers pleaded guilty and faces a maximum of 10 years in prison. Continue Reading
By- Rob Wright, Senior News Director
-
News
01 Dec 2017
Proposed data breach legislation could put executives in jail
Democratic senators have proposed data breach legislation that could lead to jail time for some executives who conceal breaches and fail to disclose them to consumers. Continue Reading
By- Rob Wright, Senior News Director
-
News
01 Dec 2017
Leaked NSA Ragtime files hint at spying on U.S. citizens
Exposed data included new information on the NSA Ragtime intelligence-gathering program, but it is unclear if the evidence proves Americans were targeted. Continue Reading
By- Michael Heller, TechTarget
-
Feature
01 Dec 2017
CISOs take notice as GPS vulnerabilities raise alarms
GPS has been extraordinarily reliable, but there's a growing chorus of experts who say it's time to assess GPS security and consider protective strategies. Continue Reading
-
Podcast
30 Nov 2017
Risk & Repeat: Uber data breach has implications for infosec
In this week's Risk & Repeat podcast, SearchSecurity editors discuss the Uber data breach, which was concealed by company officials, and the ethics of data breach disclosure. Continue Reading
By- Rob Wright, Senior News Director
-
News
30 Nov 2017
NSA data leak exposed Army INSCOM project information
Yet another publicly accessible cloud storage bucket exposed government data; this time it was an NSA data leak which included information on an Army intelligence project. Continue Reading
By- Michael Heller, TechTarget
-
Tip
30 Nov 2017
Data breach litigation: What enterprises should know
Data breach litigation can be highly detrimental to an organization that just suffered a major security incident. Find out what kinds of legal action enterprises could face in the event of a data breach. Continue Reading
By- Christopher Hart, Foley Hoag LLP
-
Answer
29 Nov 2017
How do source code reviews of security products work?
Tensions between the U.S. and Russia have led to source code reviews on security products, but the process isn't new. Expert Michael Cobb explains what to know about these reviews. Continue Reading
By - 29 Nov 2017
-
Tip
28 Nov 2017
How a technology advisory group can benefit organizations
A technology advisory group can have an irreplaceable impact on an organization. Kevin McDonald explains how volunteer advisors can aid law enforcement and other organizations. Continue Reading
By- Kevin McDonald, Alvaka Networks
-
Podcast
21 Nov 2017
Risk & Repeat: Vulnerabilities Equities Process gets an update
In this week's Risk & Repeat podcast, SearchSecurity editors discuss the new charter for the Vulnerabilities Equities Process and what it means for the infosec community. Continue Reading
By- Rob Wright, Senior News Director
-
News
20 Nov 2017
DOD exposed data stored in massive AWS buckets
A security researcher at UpGuard found exposed data in Amazon Web Services' cloud storage buckets. And once again, the data belongs to the Department of Defense. Continue Reading
By- Michael Heller, TechTarget
-
News
17 Nov 2017
Google bug bounty pays $100,000 for Chrome OS exploit
An anonymous security researcher has once again earned the top Google bug bounty prize in the Chrome Reward Program for a Chrome OS exploit chain. Continue Reading
By- Michael Heller, TechTarget
-
News
16 Nov 2017
Federal vulnerability review under new VEP still has questions
Experts are still unsure about the Vulnerabilities Equities Process, but admit the new VEP Charter could be a good step toward improving federal vulnerability review. Continue Reading
By- Michael Heller, TechTarget
-
News
15 Nov 2017
New VEP Charter promises vulnerability transparency
The White House wants a more open Vulnerabilities Equities Process and has unveiled a new VEP Charter in order to promote transparency in bug reviews. Continue Reading
By- Michael Heller, TechTarget
-
News
09 Nov 2017
FBI hacking may have crossed international borders
New court documents indicate an FBI hacking operation may have crossed international borders and infected systems in Russia, China and Iran. Continue Reading
By- Michael Heller, TechTarget
-
Answer
06 Nov 2017
Monitoring employee communications: What do EU privacy laws say?
The European Court of Human Rights recently placed strict regulations on monitoring employee communications. Matt Pascucci compares EU privacy laws to the U.S.'s standards. Continue Reading
-
News
03 Nov 2017
Certificate authority business undergoes major changes
News roundup: Comodo and Symantec sales signal important changes in the certificate authority business. Plus, an Oracle vulnerability gets a CVSS score of 10.0, and more. Continue Reading
By- Madelyn Bacon, TechTarget
-
News
02 Nov 2017
SAVE Act attempts to bolster election security
Two senators introduced a bipartisan election security bill called the SAVE Act, which aims to improve voting infrastructure and harden state systems against attack. Continue Reading
By- Michael Heller, TechTarget
-
E-Zine
01 Nov 2017
Next-gen SOC: What's on your automation roadmap?
The concept of a security operations center that optimizes resources -- security technologies, threat intelligence and analysts -- to counter threats is a great idea. However, in reality, designing an effective SOC is hard. Many companies struggle first with implementation and then with figuring out how to take their SOC to the next level. What will the next-gen SOC look like?
Security operations centers today are found mostly in large organizations and focus on detection and remediation. The lack of big data analysis tools that can work with wide varieties of data is a major obstacle.
"That's one of the reasons I think people say SOCs are not very effective yet," said Randy Marchany, CISO at Virginia Tech. The university's SOC project has been put on hold as they implement another security information and event management tool and ramp up on the open source Elastic Stack, formerly known as ELK.
Integration of tools and increased automation may help security analysts prioritize security events in a next-gen SOC, but once a serious security incident has been identified, many companies lack a sophisticated incident-response process. CISOs need to work on building internal and external relationships, like with law enforcement, that will assist the company in the event of a breach.
In this issue of Information Security magazine, we look at the strengths and weaknesses of security operations centers. To what extent are SOCs integrating the tools they have? How are they automating these processes? We ask CISOs and other security leaders what strategies will help organizations build the next-gen SOC. What is your three-year plan for getting your organization's security operations center to the next level?
Continue Reading -
Opinion
01 Nov 2017
Are companies with a SOC team less likely to get breached?
Information security operations centers are “growing up,” according to one study. But, with staffing shortages and manual collection of data, performance metrics are hard to get. Continue Reading
-
Feature
01 Nov 2017
Are security operations centers doing enough?
SOCs are maturing, but organizations facing the increased threat landscape understand that improving their effectiveness must be a priority in the year ahead. Continue Reading
By- Steve Zurier, ZFeatures
-
Blog Post
31 Oct 2017
Is "responsible encryption" the new answer to "going dark"?
"Three may keep a Secret, if two of them are dead." So wrote Benjamin Franklin, in Poor Richard's Almanack, in 1735. Franklin knew a thing or two about secrets, as well as about cryptography, given ... Continue Reading
By- Peter Loshin, Former Senior Technology Editor
-
Feature
30 Oct 2017
Grossman: Cyberinsurance market is like the 'Wild West'
Jeremiah Grossman, chief of security strategy at SentinelOne, talks with SearchSecurity about the value of cyberinsurance and why the rapidly growing market needs to mature. Continue Reading
By- Rob Wright, Senior News Director
- 30 Oct 2017
- 30 Oct 2017
-
News
27 Oct 2017
Warning for Equifax security issues came months before breach
A security researcher reportedly disclosed a number of Equifax security issues to the company months before the major data breach, and none of the problems were fixed. Continue Reading
By- Michael Heller, TechTarget
-
Feature
26 Oct 2017
The art of the cyber warranty and guaranteeing protection
Jeremiah Grossman, chief of security strategy at SentinelOne, talks with SearchSecurity about the science of developing a cyber warranty for threat detection products. Continue Reading
By- Rob Wright, Senior News Director
-
News
25 Oct 2017
NSA cyberweapons report follows Kaspersky transparency plan
A Kaspersky transparency initiative and a full code review of its products are on the way, and a new Kaspersky statement explained how NSA cyberweapons were uploaded to its servers. Continue Reading
By- Michael Heller, TechTarget
-
Podcast
20 Oct 2017
Risk & Repeat: DEFCON tackles voting machine security
In this week's Risk & Repeat podcast, SearchSecurity editors discuss DEFCON's efforts to improve voting machine security in the wake of hacking threats during the 2016 election. Continue Reading
By- Rob Wright, Senior News Director
-
News
13 Oct 2017
DOJ's 'responsible encryption' is the new 'going dark'
News roundup: The DOJ calls for 'responsible encryption' to comply with court orders. Plus, there's more bad cybersecurity news for banks, and Accenture data in AWS gets exposed. Continue Reading
By- Peter Loshin, Former Senior Technology Editor
-
News
12 Oct 2017
DEFCON hopes voting machine hacking can secure systems
The first official report on voting machine hacking from DEFCON suggests the need for pen testing, basic security guidelines and cooperation from local and federal governments. Continue Reading
By- Michael Heller, TechTarget
-
Tip
09 Oct 2017
Make your incident response policy a living document
Effective incident response policies must be detailed, comprehensive and regularly updated -- and then 'embedded in the hearts and minds' of infosec team members. Continue Reading
By- Johna Till Johnson, Nemertes Research
-
News
05 Oct 2017
Equifax breach impact expands, blame game continues
The Equifax breach impact expanded and the company's former CEO answered questions in a congressional hearing, but experts were not satisfied by the answers. Continue Reading
By- Michael Heller, TechTarget
-
Podcast
05 Oct 2017
Risk & Repeat: Are hacking victims taking too much blame?
In this week's Risk & Repeat podcast, SearchSecurity editors discuss comments from the FBI's Donald Freese on the practice of blaming and shaming hacking victims and its effects. Continue Reading
By- Rob Wright, Senior News Director
-
News
29 Sep 2017
Government data requests on the rise for Apple and Google
One expert is concerned about the large increase of government data requests received by Apple and the effects this surveillance activity has on user privacy. Continue Reading
By- Michael Heller, TechTarget
-
Blog Post
29 Sep 2017
FBI's Freese: It's time to stop blaming hacking victims
The FBI's Don Freese spoke at the (ISC)2 Security Congress this week about the need to end the practice of blaming hacking victims. But will infosec professionals listen? Continue Reading
By- Rob Wright, Senior News Director
-
News
21 Sep 2017
Undisclosed SEC breach may have led to illegal stock trades
The U.S. Securities and Exchange Commission admitted a 2016 breach that was previously undisclosed may have enabled threat actors to engage in illegal stock trades. Continue Reading
By- Michael Heller, TechTarget
-
Tip
19 Sep 2017
How to balance organizational productivity and enterprise security
It's no secret that enterprise security and organizational productivity can often conflict. Peter Sullivan looks at the root causes and how to address the friction. Continue Reading
-
News
15 Sep 2017
DHS banned Kaspersky software from all government systems
News roundup: DHS has banned Kaspersky software from use in government systems. Plus, the commonwealth of Virginia decided to do away with touchscreen voting machines, and more. Continue Reading
By- Madelyn Bacon, TechTarget
-
Podcast
01 Sep 2017
Risk & Repeat: Alternative infosec conferences on the rise
In this week's Risk & Repeat podcast, SearchSecurity editors discuss how smaller, more targeted infosec conferences are making a name for themselves in the shadow of much larger events. Continue Reading
By- Rob Wright, Senior News Director
-
News
29 Aug 2017
Kaspersky-Russian ties still unclear, despite FBI push
The specter of Kaspersky-Russian ties has reportedly led to an FBI campaign urging private organizations to drop Kaspersky Lab products; experts urge the FBI to share more evidence. Continue Reading
By- Michael Heller, TechTarget
-
Feature
29 Aug 2017
Top cybersecurity conferences for when Black Hat and RSA aren't right
The big cybersecurity conferences can make attendees weary, but there are many alternatives to the big name shows that may be easier to get to and easier to handle. Continue Reading
By- Peter Loshin, Former Senior Technology Editor
-
Tip
29 Aug 2017
What to do when cybersecurity breaches seem inevitable
The current threat landscape makes cybersecurity breaches seem unavoidable. Expert Peter Sullivan discusses some simple ways enterprises can reduce the risk of a breach. Continue Reading
-
News
25 Aug 2017
U.S. government cybersecurity is a mess, according to officials
News roundup: John McCain, NIAC and others called out the administration for not doing enough on U.S. government cybersecurity. Plus, the Ropemaker exploit alters emails, and more. Continue Reading
By- Madelyn Bacon, TechTarget
-
Feature
18 Aug 2017
Valerie Plame: U.S. government cyberdefense must be improved
Former CIA officer Valerie Plame discusses why America's cyberdefense is lagging behind -- and what the government and private sector should do to reverse the trend. Continue Reading
By- Rob Wright, Senior News Director
-
News
18 Aug 2017
Offensive cyberweapons from enemies may be re-engineered
The U.S. Defense Intelligence Agency wants to isolate, study, customize and re-engineer malware from adversaries to be used as its own offensive cyberweapons. Continue Reading
By- Michael Heller, TechTarget
-
News
17 Aug 2017
Authorities can't force smartphone access in iOS 11
IOS 11 will allow users to avoid authorities attempting to force smartphone access by temporarily disabling biometric unlocking of mobile devices. Continue Reading
By- Michael Heller, TechTarget
-
News
11 Aug 2017
Cybersecurity machine learning moves ahead with vendor push
Bloggers explore the growing role of cybersecurity machine learning, the capabilities of Microsoft's containers and how well SIEM works for threat detection. Continue Reading
By- Eamon McCarthy Earls, Former Associate Site Editor, TechTarget
-
News
11 Aug 2017
FBI's Next Generation Identification system exempt from Privacy Act
News roundup: The FBI Next Generation Identification biometrics database is exempt from the Privacy Act. Plus, Salesforce fired two top staffers after DEFCON, and more. Continue Reading
By- Madelyn Bacon, TechTarget
-
Feature
11 Aug 2017
U.S. attorney: Gathering cybercrime evidence can be difficult
Assistant U.S. attorney says jurors and courts are getting smarter about cybercrime evidence, although digital cases overall may be getting more difficult to prosecute. Continue Reading
By- Michael Heller, TechTarget
-
Podcast
10 Aug 2017
Risk & Repeat: Voting machine hacking brings good and bad news
In this week's Risk & Repeat podcast, SearchSecurity editors look back at DEFCON 2017's voting machine hacking and what it could mean for the future of U.S. election security. Continue Reading
By- Rob Wright, Senior News Director
-
Feature
09 Aug 2017
How FBI cyber investigations handle obfuscation techniques
An FBI agent discusses cyber investigations, how they handle obfuscation techniques, the anonymizing features of the deep web and how to catch the right person. Continue Reading
By- Michael Heller, TechTarget
-
Feature
08 Aug 2017
FBI: Cyber investigations no different from real world
Despite a loud group claiming the burden of proof is harder to meet with digital evidence, an agent says FBI cyber investigations are not much different from traditional cases. Continue Reading
By- Michael Heller, TechTarget
-
News
03 Aug 2017
MalwareTech arrested for Kronos banking Trojan connection
The FBI arrested the famed security researcher known as MalwareTech after a two-year investigation into the creation and distribution of the Kronos banking Trojan. Continue Reading
By- Michael Heller, TechTarget
-
Tip
03 Aug 2017
What you need to know about setting up a SOC
Setting up a SOC is different for every enterprise, but there are some fundamental steps with which to start. Expert Steven Weil outlines the basics for a security operations center. Continue Reading
By- Steven Weil, Point B
-
News
02 Aug 2017
Hacking voting machines takes center stage at DEFCON
DEFCON attendees were successful in hacking voting machines and now that there is proof the systems are insecure, more work needs to be done to change election laws and practices. Continue Reading
By- Michael Heller, TechTarget
-
E-Zine
01 Aug 2017
Four technologies that could transform information security programs
With digital transformations underway in many industries, CIOs aren't the only ones who need to have the next big thing on their radar. What security innovations should you follow to ready your organization's information security programs?
The internet of things is both a security threat and potentially a security boon. Big data, machine learning and a growing number of systems with pseudo artificial intelligence may help ease the workloads of security analysts. Bitcoin's distributed database technology known as blockchain can add security to a variety of systems, but scalability remains an early concern. Quantum computing? That one may be too far out -- five years at least -- to be considered a near-term technology disruptor to enterprise information security programs.
Whether your organization is focused on manufacturing and infrastructure -- such as industrial control systems -- or consumer and information technology -- such as the internet of things -- everything is rapidly becoming connected and potentially accessible from the internet. Many information security programs are not on track for the internet of things, complex clouds and other technology disruptors. We dust off the crystal ball in this issue of Information Security magazine and ask infosec experts and venture capitalists to look into the future.
Continue Reading -
News
01 Aug 2017
Experts debate Vulnerabilities Equities Process disclosure
Experts debated how the government should weigh disclosure in the Vulnerabilities Equities Process and whether to err on the side of offense or defense. Continue Reading
By- Michael Heller, TechTarget
-
News
26 Jul 2017
Stamos preaches defensive security research in Black Hat keynote
Facebook's Alex Stamos used his Black Hat 2017 keynote to address a wide variety of issues, including defensive security research and diversity in the infosec community. Continue Reading
By- Michael Heller, TechTarget
-
News
25 Jul 2017
Fancy Bear C&C servers taken down by Microsoft lawsuit
Experts applaud Microsoft for clever use of a lawsuit to claim command and control server domains used by malicious Russian APT group Fancy Bear. Continue Reading
By- Michael Heller, TechTarget
-
News
21 Jul 2017
Dark web markets' shutdown may lead to more arrests
Cooperation between law enforcement from around the world led to the shutdown of the AlphaBay and Hansa dark web markets and potential leads of illegal vendors. Continue Reading
By- Michael Heller, TechTarget
-
News
21 Jul 2017
Bipartisan group launches effort to improve election security
News roundup: The Defending Digital Democracy project brings together security experts to tackle election security. Plus, government shake-ups could hit cybersecurity, and more. Continue Reading
By- Madelyn Bacon, TechTarget
-
Tip
20 Jul 2017
Applying cybersecurity readiness to today's enterprises
How prepared is your organization for a cyberattack? Expert Peter Sullivan outlines the seven steps enterprises need to take in order to achieve cybersecurity readiness. Continue Reading
-
Podcast
19 Jul 2017
Risk & Repeat: Kaspersky Lab removed from GSA Schedule 70
In this week's Risk & Repeat podcast, SearchSecurity editors discuss the Trump administration's removal of Kaspersky Lab from the GSA Schedule 70 for federal IT contracts. Continue Reading
By- Rob Wright, Senior News Director
-
Tip
18 Jul 2017
Why security incident management is paramount for enterprises
Enterprises aren't truly prepared for cyber threats unless they have proper security incident management in place. Expert Peter Sullivan explains what enterprises need to know. Continue Reading
-
News
26 Jun 2017
Security code reviews by Russian agencies cause concern
Demands for security code reviews by Russia have been on the rise, and not all experts or U.S. companies want to comply with the requests. Continue Reading
By- Michael Heller, TechTarget
-
News
23 Jun 2017
Brutal Kangaroo USB malware could be reverse-engineered
The Brutal Kangaroo USB malware leaked from the CIA's Vault 7 could pose a threat to air-gapped computers if hackers reverse-engineer it. Continue Reading
By- Michael Heller, TechTarget
-
News
21 Jun 2017
RNC leak of voter database exposes poor cloud security practices
A massive voter database RNC leak underscores the poor cloud security practices in place in the U.S. government and many enterprises. Continue Reading
By- Michael Heller, TechTarget
-
News
16 Jun 2017
Router security issues highlighted by CIA's CherryBlossom project
The latest WikiLeaks release on CIA hacking tools includes the CherryBlossom project, which highlights router security issues, including a lack of firmware signing validation. Continue Reading
By- Michael Heller, TechTarget
-
Feature
13 Jun 2017
(ISC)2 CEO on cybersecurity workforce expansion and 2017 Congress
Recently, SearchSecurity editorial director Robert Richardson checked in with (ISC)2's CEO David Shearer as the organization prepares for its fall Security Congress. Continue Reading
-
News
09 Jun 2017
Microsoft accused of blocking independent antivirus competition
News roundup: Kaspersky files a complaint against Microsoft's handling of independent antivirus software for Windows 10. Plus, hackers use Instagram to spread malware, and more. Continue Reading
By- Madelyn Bacon, TechTarget
-
News
02 Jun 2017
International data privacy laws create inconsistent rules
A new cybersecurity law in China highlights the trend of inconsistent international data privacy laws being enacted around the world. Continue Reading
By- Michael Heller, TechTarget
-
Feature
01 Jun 2017
IT security trends: 2017 prioritizes cloud, network, endpoints
The 2017 TechTarget IT Priorities Survey reports a number of key IT security trends about where enterprises and infosec professionals place their time and resources. Continue Reading
By -
Feature
01 Jun 2017
Acquiring cybersecurity insurance: Why collaboration is key
Cybersecurity insurance is becoming more important to enterprises as threats increase. Sean Martin explains why enterprise departments need to work together to acquire it. Continue Reading
By - 01 Jun 2017