Security operations and management
Cybersecurity operations and management are vital to protect enterprises against cyber threats. Learn how to create and manage infosec programs and SOCs, perform incident response and automate security processes. Also read up on security laws and regulations, best practices for CISOs and more.
Top Stories
-
Tip
02 Jul 2025
How to build a cybersecurity strategy and plan in 4 steps
A cybersecurity strategy isn't meant to be perfect, but this high-level plan must be proactive, effective, actively supported and evolving. Here are four key steps to get there. Continue Reading
By- Karen Scarfone, Scarfone Cybersecurity
-
Tip
01 Jul 2025
Cybersecurity career path: A strategic guide for professionals
There's no single path for everyone, but knowing what employers look for and following these best practices can help you move up the cybersecurity career ladder. Continue Reading
By
-
Answer
10 May 2017
Should the Vulnerabilities Equities Process be codified into law?
The Vulnerabilities Equities Process is a controversial subject. Expert Matthew Pascucci looks at the arguments for and against codifying it into law. Continue Reading
-
Blog Post
03 May 2017
Verizon DBIR 2017 loses international contributors
Looking at the overall numbers for the contributors to the Verizon Data Breach Investigations Report (DBIR) from the past five years, it would seem like the amount of partners is hitting a plateau, ... Continue Reading
By- Michael Heller, TechTarget
-
News
02 May 2017
NATO cyberwar games show the U.S. needs more practice
The NATO Locked Shields cyberwar games had the U.S. team winning most improved, but experts say the U.S. still needs more practice. Continue Reading
By- Michael Heller, TechTarget
-
News
28 Apr 2017
Verizon DBIR 2017: Basic cybersecurity focus misplaced
Basic cybersecurity measures like limiting password reuse and implementing multifactor authentication could be big benefits, according to the Verizon DBIR 2017. Continue Reading
By- Michael Heller, TechTarget
-
News
28 Apr 2017
Pretexting is a rising threat, according to 2017 Verizon DBIR
The 2017 Verizon DBIR details threats becoming more popular, like ransomware, and some that are less known, but dangerous, like pretexting. Continue Reading
By- Michael Heller, TechTarget
-
News
28 Apr 2017
Still waiting for a cybersecurity executive order from Trump
News roundup: A cybersecurity executive order overdue, but 'close and nearby.' Plus, the USPTO says it will stop using HTTPS; a teenage hacker sentenced to prison; and more. Continue Reading
By- Madelyn Bacon, TechTarget
-
News
07 Apr 2017
State Department hack and APT29 prove attacker resilience
News Roundup: 'Hand-to-hand' combat in State Department hack, APT29 has a stealth backdoor, the creator of the internet backs strong encryption, and more. Continue Reading
By- Michael Heller, TechTarget
-
Answer
07 Apr 2017
What should be included in a social media security policy?
A social media security policy is necessary for most enterprises today. Expert Mike O. Villegas discusses what should be included in social media policies. Continue Reading
By- Mike O. Villegas, K3DES LLC
-
News
06 Apr 2017
Public/private threat intelligence sharing faces roadblocks
The U.S. government says it wants to improve threat intelligence sharing between the public and private sectors, but experts are unsure that is possible in the current climate. Continue Reading
By- Michael Heller, TechTarget
-
Tip
06 Apr 2017
Dedicated security teams: The pros and cons of splitting focus areas
Could using dedicated security teams that focus on one area of risk help reduce the attack surface for enterprises? Expert Steven Weil looks at the pros and cons of that approach. Continue Reading
By- Steven Weil, Point B
-
Feature
03 Apr 2017
MSSPs add advanced threats as managed security services gain hold
Skill shortages and budget constraints have lead some companies to adopt a hybrid approach to managed security. Is it time for CISOs to start looking for 'expertise as a service'? Continue Reading
-
News
31 Mar 2017
EU encryption backdoor options for messaging apps set for June
Messaging app developers will be offered 'three or four' legislative and non-legislative options for encryption backdoor access for EU law enforcement. Continue Reading
By- Peter Loshin, Former Senior Technology Editor
-
News
31 Mar 2017
WikiLeaks' false flag attack allegations against CIA unfounded
Another set of documents from the Vault 7 CIA cache was released by WikiLeaks, but experts say the allegations of false flag attacks are unfounded and dangerous. Continue Reading
By- Michael Heller, TechTarget
-
News
31 Mar 2017
Obama-era cyber executive order extended by Trump
A cyber executive order from the Obama era has been extended by President Trump to allow sanctions placed on cybercriminals who attack the U.S. Continue Reading
By- Michael Heller, TechTarget
-
News
30 Mar 2017
Experts debunk strong encryption claims by FBI's Comey
FBI Director James Comey clearly laid out his views on strong encryption and urged more conversation, but experts say his arguments fall flat and may even be misleading. Continue Reading
By- Michael Heller, TechTarget
-
News
24 Mar 2017
Encryption debate needs to be nuanced, FBI's Comey says
FBI Director James Comey brought the encryption debate back to the forefront by asking for a 'nuanced and thoughtful' conversation on the topic before there is a serious attack. Continue Reading
By- Michael Heller, TechTarget
-
Podcast
22 Mar 2017
Risk & Repeat: Accused Yahoo hackers indicted
In this episode of SearchSecurity's Risk & Repeat podcast, editors discuss the indictments of the alleged Yahoo hackers and how the attackers minted Yahoo authentication cookies. Continue Reading
By- Rob Wright, Senior News Director
-
News
21 Mar 2017
WikiLeaks' disclosure of CIA hacks comes with requirements
WikiLeaks reportedly made demands of vendors at risk from the Vault 7 CIA hacks, but without knowing what the requirements are, experts are unsure how to react. Continue Reading
By- Michael Heller, TechTarget
-
News
21 Mar 2017
FBI investigating Trump campaign ties to Russia, DNC breach
FBI Director James Comey confirmed the bureau is investigating the Trump campaign's ties to the Russian government and election cyberattacks such as the DNC breach. Continue Reading
By- Rob Wright, Senior News Director
-
News
17 Mar 2017
Will the Yahoo breach indictments be an effective hacker deterrent?
The Department of Justice indicted suspects in the 2014 Yahoo breach, but experts are unsure if this will prove to be an effective hacker deterrent moving forward. Continue Reading
By- Michael Heller, TechTarget
-
Answer
16 Mar 2017
Can CISOs facilitate peace between privacy and information security?
Privacy and information security can often be at odds with each other in enterprises. Expert Mike O. Villegas explains how C-levels can help to get the two to work in harmony. Continue Reading
By- Mike O. Villegas, K3DES LLC
-
News
15 Mar 2017
DOJ indicts suspected Yahoo hackers from Russia; extradition unclear
The U.S. Department of Justice indicted four men -- including two Russian Federal Security Service officers -- accused of being the Yahoo hackers, but only one person was arrested. Continue Reading
By- Michael Heller, TechTarget
-
Podcast
15 Mar 2017
Risk & Repeat: Leak of CIA hacking tools creates confusion
In this episode of SearchSecurity's Risk & Repeat podcast, editors discuss the confusion around WikiLeaks' release of government documents regarding CIA hacking tools. Continue Reading
-
Answer
15 Mar 2017
How can CISOs strengthen communications with cybersecurity staff?
Effective CISO communications are key to fostering a healthy relationship with the cybersecurity staff. Expert Mike O. Villegas reviews some ways to build that relationship. Continue Reading
By- Mike O. Villegas, K3DES LLC
-
Answer
14 Mar 2017
What effect does a federal CISO have on government cybersecurity?
The brief tenure of a federal CISO in the U.S. government recently came to an end. Expert Mike O. Villegas discusses the effect this has on the U.S. cybersecurity posture. Continue Reading
By- Mike O. Villegas, K3DES LLC
-
News
10 Mar 2017
WikiLeaks vows to disclose CIA hacking tools; CIA to investigate
WikiLeaks founder Julian Assange promised to work with vendors to help patch products vulnerable to CIA hacking tools, while the FBI and CIA will investigate the leak. Continue Reading
By- Michael Heller, TechTarget
-
Tip
09 Mar 2017
IoT development and implementation: Managing enterprise security
The CSA's guidelines for secure IoT development can give enterprises an idea of how to evaluate IoT products. Expert Nick Lewis explains the steps enterprises should take. Continue Reading
By -
Podcast
09 Mar 2017
Risk & Repeat: Does the Amazon S3 outage raise security flags?
In this episode of SearchSecurity's Risk & Repeat podcast, editors discuss the recent Amazon Simple Storage Service outage and why the incident may have security implications. Continue Reading
By- Rob Wright, Senior News Director
-
News
08 Mar 2017
Responsible vulnerability disclosure lacking by CIA and WikiLeaks
Experts criticize both WikiLeaks and the CIA for failing responsible vulnerability disclosure around the Vault 7 documents, and question the CIA's use of the VEP. Continue Reading
By- Michael Heller, TechTarget
-
News
08 Mar 2017
Vault 7 CIA hacking weapons include iOS, Android and Windows zero days
WikiLeaks released a massive dump of files it claims to be CIA hacking tools, codenamed Vault 7, which includes iOS and Android zero-day exploits. Continue Reading
By- Michael Heller, TechTarget
-
News
24 Feb 2017
Experts: Government Vulnerabilities Equities Process should be law
Experts say codifying the Vulnerabilities Equities Process into law would increase transparency and trust regarding vulnerability disclosure by the government. Continue Reading
By- Michael Heller, TechTarget
-
Blog Post
24 Feb 2017
RSA Conference 2017: Are software regulations coming for developers?
Security expert Bruce Schneier said programmers' freedom to code whatever they want will likely come to an end. Should the industry brace itself for software regulations? Continue Reading
By- Rob Wright, Senior News Director
-
Podcast
22 Feb 2017
Risk & Repeat: RSA Conference 2017 highlights and trends
In this episode of SearchSecurity's Risk & Repeat podcast, editors recap RSA Conference 2017 and discuss how the show addressed many security problems, but had very few answers. Continue Reading
By- Rob Wright, Senior News Director
-
News
22 Feb 2017
Understanding of security remediation differs for CISOs, researchers
One expert warned there can be a disconnect between what security remediation means to CISOs and what researchers announce because of divergent objectives. Continue Reading
By- Michael Heller, TechTarget
-
News
16 Feb 2017
Experts debate national cybersecurity policy suggestions at RSAC 2017
Experts at RSAC 2017 discussed national cybersecurity policy suggestions for the new presidential administration, including what to do about encryption and the DHS mission. Continue Reading
By- Michael Heller, TechTarget
-
Tip
16 Feb 2017
Intrusion response plans: Tales from front-line IT support
The right intrusion response training can make all the difference in data breach prevention. Expert Joe Granneman provides a real-world example from which enterprises can learn. Continue Reading
By- Joseph Granneman, Illumination.io
-
Answer
16 Feb 2017
How does a security portfolio help an enterprise security program?
A security portfolio shouldn't be used as an alternative to a reporting structure, but it can still be beneficial to enterprises. Expert Mike O. Villegas explains how. Continue Reading
By- Mike O. Villegas, K3DES LLC
-
News
16 Feb 2017
RSA Conference speakers tackle tech immigration reform, travel ban
Several speakers made pro-immigration remarks at RSA Conference 2017 and called for tech immigration reform following President Trump's controversial executive order. Continue Reading
By- Rob Wright, Senior News Director
-
News
15 Feb 2017
Upcoming cybersecurity executive order leaves RSAC experts optimistic
Experts at RSAC 2017 discussed the upcoming cybersecurity executive order from the new presidential administration and how the NIST Framework strengthens the plan. Continue Reading
By- Michael Heller, TechTarget
-
News
15 Feb 2017
Do IoT security risks require new legislation or will standards suffice?
In a panel discussion about current IoT security risks, experts at RSA Conference 2017 weigh government legislation options against industry self-regulation. Continue Reading
By- Peter Loshin, Former Senior Technology Editor
-
News
15 Feb 2017
Bruce Schneier: It's time for internet-of-things regulation
Speaking at RSA Conference 2017, security expert Bruce Schneier called for the creation of a new government agency to oversee internet-of-things regulation. Continue Reading
By- Rob Wright, Senior News Director
-
Answer
15 Feb 2017
What are the pros and cons of hiring a virtual CISO?
A virtual CISO is a good option for smaller organizations that want stronger security leadership, but don't have the budget. Expert Mike O. Villegas discusses the pros and cons. Continue Reading
By- Mike O. Villegas, K3DES LLC
-
News
15 Feb 2017
State-sponsored hacking needs to stop, says Congressman McCaul
Rep. Michael McCaul took a harsh stance on Russian state-sponsored hacking at RSA Conference 2017 and pushed the U.S. government to do more to stop such attacks. Continue Reading
By- Rob Wright, Senior News Director
-
News
14 Feb 2017
RSA panel covers cryptography trends, elections and more
Panel at RSAC on cryptography trends offers views on AI's coming domination of cybersecurity, quantum computing and quantum cryptography, politics and elections and more. Continue Reading
By- Peter Loshin, Former Senior Technology Editor
-
News
14 Feb 2017
Ramzan advocates collaborative security in RSAC keynote
Zulfikar Ramzan opens RSA Conference 2017 by reminding enterprises that just as cyberattacks have long-tail repercussions, so too do collaborative security decisions made in business. Continue Reading
By- Michael Heller, TechTarget
-
News
14 Feb 2017
RSA President Rohit Ghai details new cybersecurity platform at RSAC 2017
Michael Dell introduces RSA's newly appointed president, Rohit Ghai, who is set to lead the cybersecurity firm as it implements its new Business Driven Security platform. Continue Reading
By- Peter Loshin, Former Senior Technology Editor
-
News
14 Feb 2017
Nation-state cyberattacks rising, warns former NSA director
Speaking at RSA Conference 2017, former NSA Director Keith Alexander warned of increased nation-state cyberattacks and called for an overhaul of U.S. government cybersecurity. Continue Reading
By- Rob Wright, Senior News Director
-
Answer
13 Feb 2017
Who should be on an enterprise cybersecurity advisory board?
What qualifications does a cybersecurity advisory board member need to best serve enterprises? Expert Mike O. Villegas outlines the most helpful backgrounds for board members. Continue Reading
By- Mike O. Villegas, K3DES LLC
-
News
10 Feb 2017
Trump tells White House cybersecurity officer, 'You're fired'
Rumors have been confirmed that President Trump has fired the White House cybersecurity officer in charge of making sure he and his staff are not hacked. Continue Reading
By- Michael Heller, TechTarget
-
News
10 Feb 2017
NSA contractor indicted for stealing elite cyberweapons over 20 years
The NSA contractor accused of stealing elite cyberweapons over the course of 20 years, but his connection to the Shadow Brokers auction of similar hacking tools is still unclear. Continue Reading
By- Michael Heller, TechTarget
-
News
09 Feb 2017
IoT security threat to become real post-Mirai at RSA Conference 2017
IoT security tops the list of RSA Conference 2017 submissions after IoT devices were abused by threat actors, but the topics experts worry about are much more far-reaching. Continue Reading
By- Michael Heller, TechTarget
-
Tip
09 Feb 2017
How to organize an enterprise cybersecurity team effectively
The structure of an enterprise's cybersecurity team is important for ensuring it's as effective as possible. Expert Steven Weil outlines strategies for setting up a security group. Continue Reading
By- Steven Weil, Point B
-
News
07 Feb 2017
Google to appeal after loss in cloud data privacy case
Further battle over cloud data privacy is imminent, as a court decides against Google and declines to consider Microsoft's recent appeal victory as precedent. Continue Reading
By- Peter Loshin, Former Senior Technology Editor
-
News
03 Feb 2017
Experts debate effects of government cybersecurity executive order
A leaked version of a draft of a government cybersecurity executive order from President Trump has experts debating the effects such an order would have. Continue Reading
By- Michael Heller, TechTarget
-
News
02 Feb 2017
Pentagon hack possible due to bad vulnerability management
A researcher finds unpatched flaws in DOD systems that may have already allowed a Pentagon hack, and the government is doing nothing to remediate the issue. Continue Reading
By- Michael Heller, TechTarget
-
News
31 Jan 2017
RSA Conference 2017 "not impacted" by Trump's executive order
RSA Conference 2017 hasn't been affected by President Trump's recent executive order, but the travel ban has still send shockwaves through the tech industry. Continue Reading
By- Rob Wright, Senior News Director
-
News
31 Jan 2017
RSAC 2017 Innovation Sandbox highlights top 10 cyber startups
RSAC 2017: Innovation Sandbox competition pits this year's top 10 cybersecurity startups against each other in a bid to win top honors as most innovative. Continue Reading
By- Peter Loshin, Former Senior Technology Editor
-
Conference Coverage
30 Jan 2017
RSA 2017: Special conference coverage
Follow breaking news from the SearchSecurity team at RSA 2017 in San Francisco to learn the latest developments in the information security industry. Continue Reading
-
News
27 Jan 2017
Americans split on federal government security, encryption attitudes
News roundup: Half of Americans don't trust federal government security. Plus, a Kaspersky Lab manager was arrested; an internal DOD network was found vulnerable; and more. Continue Reading
By- Madelyn Bacon, TechTarget
-
Tip
26 Jan 2017
When not to renew a vendor contract due to security issues
Opting out of a vendor contract for security reasons can be a tough decision for CISOs. Expert Mike O. Villegas discusses how NASA handled the situation and what CISOs can do. Continue Reading
By- Mike O. Villegas, K3DES LLC
-
News
23 Jan 2017
SEC to investigate the Yahoo breach disclosures
The SEC has requested more information for potential cases concerning whether the Yahoo breach disclosures could have come sooner. Continue Reading
By- Michael Heller, TechTarget
-
News
20 Jan 2017
Future of the federal CISO position in question as Touhill steps down
Retired Brig. Gen. Gregory Touhill stepped down as the federal CISO, leaving questions surrounding the future of the position and the work he has done. Continue Reading
By- Michael Heller, TechTarget
-
Answer
12 Jan 2017
What effect does FITARA have on U.S. government cybersecurity?
FITARA became a law in 2014, but government cybersecurity continues to struggle. Expert Mike O. Villegas discusses the effects of the law. Continue Reading
By- Mike O. Villegas, K3DES LLC
-
Podcast
12 Jan 2017
Risk & Repeat: CES Cybersecurity Forum tackles passwords, IoT
In this episode of SearchSecurity's Risk & Repeat podcast, editors highlight the topics discussed at the CES Cybersecurity Forum, as well as new technologies showcased at the event. Continue Reading
By- Rob Wright, Senior News Director
-
Answer
10 Jan 2017
What are the potential pros and cons of a Cyber National Guard?
A congressman proposed adding a Cyber National Guard to the military to protect the U.S. from cyber adversaries. Expert Mike O. Villegas examines the potential drawbacks of this branch. Continue Reading
By- Mike O. Villegas, K3DES LLC
-
Security School
10 Jan 2017
Privileged access management and security in the enterprise
This Security School explores the important steps enterprises need to take when managing privileged access accounts to prevent credential abuse and security incidents. Continue Reading
-
Answer
09 Jan 2017
Are investigations crucial to data breach protection?
SWIFT banking has a team dedicated to data breach investigations. Expert Mike O. Villegas discusses why this is necessary and whether other organizations should follow suit. Continue Reading
By- Mike O. Villegas, K3DES LLC
-
Tip
05 Jan 2017
The dangers of using security policy templates in the enterprise
Among other drawbacks, using security policy templates can make compliance audits and breach assessments harder for enterprises. Expert Joseph Granneman explains why they're risky. Continue Reading
By- Joseph Granneman, Illumination.io
-
Tip
04 Nov 2016
Information security risk management: Understanding the components
An enterprise has to know what risks it is facing. Expert Peter Sullivan explains why an information security risk management plan is crucial for cybersecurity readiness. Continue Reading
-
Tip
02 Nov 2016
Cloud DDoS protection: What enterprises need to know
DDoS attacks are a continuing problem, and enterprises should consider using cloud DDoS protection services. Expert Frank Siemons discusses the cloud options. Continue Reading
By- Frank Siemons, RedSec
-
Feature
01 Nov 2016
Want a board-level cybersecurity expert? They're hard to find
Members of the board must be ready to defend their fiduciary decisions, corporate policies, compliance actions and, soon, cybersecurity preparedness. Continue Reading
-
Answer
05 Oct 2016
How would a cyberattack information database affect companies?
A proposed cyberattack information database in the U.K. aims to improve cyberinsurance. Expert Mike Chapple explains what collecting data breach information means for U.S. companies. Continue Reading
By- Mike Chapple, University of Notre Dame
-
Answer
20 Sep 2016
Is settling a data breach lawsuit the best option for enterprises?
In the unfortunate event of a data breach lawsuit, it's often better to settle before the case reaches court. Expert Mike O. Villegas explains why and how CISOs can help. Continue Reading
By- Mike O. Villegas, K3DES LLC
-
Answer
19 Sep 2016
Are new cybersecurity products the best investment for enterprises?
Having the latest cybersecurity products isn't always the best way to approach security. Expert Mike O. Villegas explains why and how to deal with pressure to buy new. Continue Reading
By- Mike O. Villegas, K3DES LLC
-
Tip
15 Aug 2016
Achieving cybersecurity readiness: What enterprises should know
Enterprises need to be ready to act in the face of security incidents and cyberattacks. Expert Peter Sullivan outlines seven elements of proper cybersecurity readiness. Continue Reading
-
Feature
14 Jul 2016
Cybersecurity blind spots: Mitigating risks and vulnerabilities
Cybersecurity blind spots based in risk and vulnerabilities can be difficult to spot and address. Sean Martin talks with security experts on how to overcome that challenge. Continue Reading
By -
Tip
05 Jul 2016
How tabletop exercises can help uncover hidden security risks
A regular tabletop exercise could help to identify security risks in scenarios relevant to your organization. Expert Bob Wood explains the steps in the process. Continue Reading
By- Robert Wood
-
News
27 Jun 2016
Intel reportedly considering selling its security business
New reports suggest Intel may be looking into selling off its security business, and experts are unclear whether it means Intel's McAfee acquisition has gone sour. Continue Reading
By- Michael Heller, TechTarget
-
News
17 Jun 2016
FBI facial recognition systems draw criticism over privacy, accuracy
GAO report blasts FBI facial recognition programs over privacy and accuracy concerns; FBI systems offer access to over 411 million photos from federal and state sources. Continue Reading
By- Peter Loshin, Former Senior Technology Editor
-
Tip
17 Jun 2016
How CMMI models compare and map to the COBIT framework
Following ISACA's recent acquisition of the CMMI Institute, expert Judith Myerson takes a closer look at COBIT and CMMI models and how they compare to one another. Continue Reading
-
Tip
16 May 2016
How encryption legislation could affect enterprises
The legal battle between the FBI and Apple brought encryption legislation into the public eye, for better or worse. Expert Mike Chapple discusses the effect of this on enterprises. Continue Reading
By- Mike Chapple, University of Notre Dame
-
Tip
07 Apr 2016
RSA Conference 2016 draws big crowds, strong encryption
RSA Conference 2016 was a densely-packed affair, with discussions ranging from strong encryption to skills shortage in the industry. Expert Nick Lewis gives a recap. Continue Reading
By -
Answer
04 Apr 2016
What are the differences between active boards and passive boards?
Both active and passive boards of directors have different approaches to handling cybersecurity within their organizations. Here's how to tell which type you have. Continue Reading
By- Mike O. Villegas, K3DES LLC
-
Feature
01 Apr 2016
Integrated Security Systems Design
In this excerpt of Integrated Security Systems Design, author Thomas L. Norman explains the tools of security system design, the place of electronics in the process, how to establish electronic security program objectives and the types of design efforts. Continue Reading
By- SearchSecurity and Syngress
-
Feature
01 Apr 2016
Information Governance and Security: Protecting and Managing Your Company's Proprietary
In this excerpt of Information Governance and Security, authors John G. Iannarelli and Michael O'Shaughnessy offer tips for establishing guidelines for all departments or sectors of a business. Continue Reading
By- SearchSecurity and Syngress
-
News
18 Mar 2016
Apple court filing challenges iPhone backdoor as rhetoric heats up
The rhetoric about the iPhone backdoor from Apple and the FBI has gotten more intense as Apple challenged the FBI in court by calling its motion unconstitutional. Continue Reading
By- Michael Heller, TechTarget
-
Feature
18 Mar 2016
Designing and Building Security Operations center
In this excerpt of Designing and Building Security Operations Center, author David Nathans reviews the infrastructure needed to support a SOC and maintain SOC security. Continue Reading
By- SearchSecurity and Syngress
-
News
02 Mar 2016
Bruce Schneier on IBM grabbing him up with Resilient Systems
Bruce Schneier chats with SearchSecurity during lunch at RSAC about IBM's plans to acquire Resilient Systems to complete their security offering. Continue Reading
By- Peter Loshin, Former Senior Technology Editor
-
Tip
24 Feb 2016
Cybersecurity products: When is it time to change them?
Enterprises should assess their cybersecurity products to make sure they're as effective as possible. Expert Mike O. Villegas discusses how to evaluate cybersecurity tools. Continue Reading
By- Mike O. Villegas, K3DES LLC
-
Answer
23 Nov 2015
What data breach notification policy should enterprises follow?
A data breach notification policy is important to have, but deciding how to alert customers can be tough. Expert Mike Chapple explains some best practices. Continue Reading
By- Mike Chapple, University of Notre Dame
-
Answer
20 Oct 2015
Why did Anthem resist government vulnerability assessments?
Vulnerability assessments are often a requirement for organizations that have suffered a data breach and the assessors' results can be invaluable to protect a business. Continue Reading
By- Mike O. Villegas, K3DES LLC
-
Answer
01 Oct 2015
Should security funds be dedicated to hiring or tools?
Security funds can be tough to come by, so when managers get them should they focus on strengthening security through hiring or through purchasing tools? Continue Reading
By- Mike O. Villegas, K3DES LLC
-
Tip
26 Aug 2015
Managed security service providers: Weighing the pros and cons
Using a managed security service provider can be an appealing option to enterprises, but there are many factors to consider before making the move to outsourcing. Continue Reading
By- Mike O. Villegas, K3DES LLC
-
News
10 Jul 2015
Homeland Security chief calls for federal breach reporting law
The Homeland Security head wants federal laws requiring data breach reporting and information sharing, but one expert warns that government officials need better understanding of infosec technology before creating such laws. Continue Reading
By- Michael Heller, TechTarget
-
Tip
19 Jun 2015
State of the Network study: How security tasks are dominating IT staff
The majority of networking teams are regularly involved in enterprise security tasks. Expert Kevin Beaver explains the phenomena and how to embrace it. Continue Reading
By- Kevin Beaver, Principle Logic, LLC
-
News
22 May 2015
Government backdoor security concerns prompt letter to president
As privacy and security concerns rise, President Obama is urged to dismiss the call for government backdoors. Continue Reading
By- Sharon Shea, Executive Editor
-
Answer
04 May 2015
The CEO refuses cybersecurity best practices: Now what?
Some executives don't think cybersecurity best practices apply to them. Expert Mike O. Villegas explains how to handle that situation. Continue Reading
By- Mike O. Villegas, K3DES LLC
-
News
29 Apr 2015
RSA Conference 2015 recap: Record attendance, record stakes
This year's RSA Conference once again broke the previous year's attendance record. Is the show getting too big for San Francisco? Plus key takeaways and final words from our executive editor. Continue Reading
By- Eric Parizo, Senior Analyst
-
News
24 Apr 2015
NIST wants help building the one ID proofing system to rule them all
The U.S. government wants to solve the weaknesses in online ID proofing systems, but it needs the help of enterprise and security professionals in order to overcome privacy concerns and other issues. Continue Reading
By- Michael Heller, TechTarget
-
Answer
20 Mar 2015
How should agencies prepare for federal security scanning?
What do agencies need to consider before going through the Department of Homeland Security's network security scanning? Expert Mike Chapple answers. Continue Reading
By- Mike Chapple, University of Notre Dame