Security operations and management

Cybersecurity operations and management are vital to protect enterprises against cyber threats. Learn how to create and manage infosec programs and SOCs, perform incident response and automate security processes. Also read up on security laws and regulations, best practices for CISOs and more.

Top Stories

Tip 28 Sep 2023
How to develop a cybersecurity strategy: Step-by-step guide

A cybersecurity strategy isn't meant to be perfect, but it must be proactive, effective, actively supported and evolving. Here are the four steps required to get there. Continue Reading
Opinion 25 Sep 2023
6 reasons Cisco acquired Splunk

A treasure trove of Cisco and Splunk data, AI and analytics can improve cyber-resilience, accelerate threat detection and response, and enable more intelligent networks. Continue Reading

News 16 Jun 2017

Router security issues highlighted by CIA's CherryBlossom project

The latest WikiLeaks release on CIA hacking tools includes the CherryBlossom project, which highlights router security issues, including a lack of firmware signing validation. Continue Reading
Feature 13 Jun 2017

(ISC)2 CEO on cybersecurity workforce expansion and 2017 Congress

Recently, SearchSecurity editorial director Robert Richardson checked in with (ISC)2's CEO David Shearer as the organization prepares for its fall Security Congress. Continue Reading
News 09 Jun 2017

Microsoft accused of blocking independent antivirus competition

News roundup: Kaspersky files a complaint against Microsoft's handling of independent antivirus software for Windows 10. Plus, hackers use Instagram to spread malware, and more. Continue Reading
News 02 Jun 2017

International data privacy laws create inconsistent rules

A new cybersecurity law in China highlights the trend of inconsistent international data privacy laws being enacted around the world. Continue Reading
Feature 01 Jun 2017

IT security trends: 2017 prioritizes cloud, network, endpoints

The 2017 TechTarget IT Priorities Survey reports a number of key IT security trends about where enterprises and infosec professionals place their time and resources. Continue Reading
Feature 01 Jun 2017

Acquiring cybersecurity insurance: Why collaboration is key

Cybersecurity insurance is becoming more important to enterprises as threats increase. Sean Martin explains why enterprise departments need to work together to acquire it. Continue Reading
01 Jun 2017

Verizon DBIR 2017: Basic cybersecurity focus misplaced

Continue Reading
Podcast 18 May 2017

Risk & Repeat: Reviewing Trump's cybersecurity executive order

This week's Risk & Repeat podcast looks at President Trump's cybersecurity executive order and how it aims to address federal government and critical infrastructure issues. Continue Reading
News 17 May 2017

Vulnerabilities Equities Process may be law with PATCH Act

The bipartisan PATCH Act aims to codify the Vulnerabilities Equities Process into law in the wake of a global ransomware attack based on a stolen NSA cyberweapon. Continue Reading
News 17 May 2017

Q&A: Talking bug bounty programs with Bugcrowd's Casey Ellis

As bug bounty programs become more mainstream, Bugcrowd founder and CEO Casey Ellis offers insights into rewards, best practices and tips for getting the most bang for the buck. Continue Reading
Answer 15 May 2017

What is NIST's guidance on lightweight cryptography?

NIST released a report on lightweight cryptography. Expert Judith Myerson reviews what the report covers and what NIST recommends for standardization. Continue Reading
News 12 May 2017

Trump cyber executive order focuses on cyber-risk management

The Trump cyber executive order arrived, with a focus on cyber-risk management and reports. But key details are missing in terms of implementing changes. Continue Reading
Tip 11 May 2017

Applying the new FDA medical device guidance to infosec programs

New FDA medical device guidance demonstrates the need for better cybersecurity during manufacturing and use. Expert Nick Lewis explains how enterprises can use the recommendations. Continue Reading
Answer 10 May 2017

Should the Vulnerabilities Equities Process be codified into law?

The Vulnerabilities Equities Process is a controversial subject. Expert Matthew Pascucci looks at the arguments for and against codifying it into law. Continue Reading
Blog Post 03 May 2017

Verizon DBIR 2017 loses international contributors

Looking at the overall numbers for the contributors to the Verizon Data Breach Investigations Report (DBIR) from the past five years, it would seem like the amount of partners is hitting a plateau, ... Continue Reading
News 02 May 2017

NATO cyberwar games show the U.S. needs more practice

The NATO Locked Shields cyberwar games had the U.S. team winning most improved, but experts say the U.S. still needs more practice. Continue Reading
News 28 Apr 2017

Verizon DBIR 2017: Basic cybersecurity focus misplaced

Basic cybersecurity measures like limiting password reuse and implementing multifactor authentication could be big benefits, according to the Verizon DBIR 2017. Continue Reading
News 28 Apr 2017

Pretexting is a rising threat, according to 2017 Verizon DBIR

The 2017 Verizon DBIR details threats becoming more popular, like ransomware, and some that are less known, but dangerous, like pretexting. Continue Reading
News 28 Apr 2017

Still waiting for a cybersecurity executive order from Trump

News roundup: A cybersecurity executive order overdue, but 'close and nearby.' Plus, the USPTO says it will stop using HTTPS; a teenage hacker sentenced to prison; and more. Continue Reading
News 07 Apr 2017

State Department hack and APT29 prove attacker resilience

News Roundup: 'Hand-to-hand' combat in State Department hack, APT29 has a stealth backdoor, the creator of the internet backs strong encryption, and more. Continue Reading
Answer 07 Apr 2017

What should be included in a social media security policy?

A social media security policy is necessary for most enterprises today. Expert Mike O. Villegas discusses what should be included in social media policies. Continue Reading
News 06 Apr 2017

Public/private threat intelligence sharing faces roadblocks

The U.S. government says it wants to improve threat intelligence sharing between the public and private sectors, but experts are unsure that is possible in the current climate. Continue Reading
Tip 06 Apr 2017

Dedicated security teams: The pros and cons of splitting focus areas

Could using dedicated security teams that focus on one area of risk help reduce the attack surface for enterprises? Expert Steven Weil looks at the pros and cons of that approach. Continue Reading
Feature 03 Apr 2017

MSSPs add advanced threats as managed security services gain hold

Skill shortages and budget constraints have lead some companies to adopt a hybrid approach to managed security. Is it time for CISOs to start looking for 'expertise as a service'? Continue Reading
News 31 Mar 2017

EU encryption backdoor options for messaging apps set for June

Messaging app developers will be offered 'three or four' legislative and non-legislative options for encryption backdoor access for EU law enforcement. Continue Reading
News 31 Mar 2017

WikiLeaks' false flag attack allegations against CIA unfounded

Another set of documents from the Vault 7 CIA cache was released by WikiLeaks, but experts say the allegations of false flag attacks are unfounded and dangerous. Continue Reading
News 31 Mar 2017

Obama-era cyber executive order extended by Trump

A cyber executive order from the Obama era has been extended by President Trump to allow sanctions placed on cybercriminals who attack the U.S. Continue Reading
News 30 Mar 2017

Experts debunk strong encryption claims by FBI's Comey

FBI Director James Comey clearly laid out his views on strong encryption and urged more conversation, but experts say his arguments fall flat and may even be misleading. Continue Reading
News 24 Mar 2017

Encryption debate needs to be nuanced, FBI's Comey says

FBI Director James Comey brought the encryption debate back to the forefront by asking for a 'nuanced and thoughtful' conversation on the topic before there is a serious attack. Continue Reading
Podcast 22 Mar 2017

Risk & Repeat: Accused Yahoo hackers indicted

In this episode of SearchSecurity's Risk & Repeat podcast, editors discuss the indictments of the alleged Yahoo hackers and how the attackers minted Yahoo authentication cookies. Continue Reading
News 21 Mar 2017

WikiLeaks' disclosure of CIA hacks comes with requirements

WikiLeaks reportedly made demands of vendors at risk from the Vault 7 CIA hacks, but without knowing what the requirements are, experts are unsure how to react. Continue Reading
News 21 Mar 2017

FBI investigating Trump campaign ties to Russia, DNC breach

FBI Director James Comey confirmed the bureau is investigating the Trump campaign's ties to the Russian government and election cyberattacks such as the DNC breach. Continue Reading
News 17 Mar 2017

Will the Yahoo breach indictments be an effective hacker deterrent?

The Department of Justice indicted suspects in the 2014 Yahoo breach, but experts are unsure if this will prove to be an effective hacker deterrent moving forward. Continue Reading
Answer 16 Mar 2017

Can CISOs facilitate peace between privacy and information security?

Privacy and information security can often be at odds with each other in enterprises. Expert Mike O. Villegas explains how C-levels can help to get the two to work in harmony. Continue Reading
News 15 Mar 2017

DOJ indicts suspected Yahoo hackers from Russia; extradition unclear

The U.S. Department of Justice indicted four men -- including two Russian Federal Security Service officers -- accused of being the Yahoo hackers, but only one person was arrested. Continue Reading
Podcast 15 Mar 2017

Risk & Repeat: Leak of CIA hacking tools creates confusion

In this episode of SearchSecurity's Risk & Repeat podcast, editors discuss the confusion around WikiLeaks' release of government documents regarding CIA hacking tools. Continue Reading
Answer 15 Mar 2017

How can CISOs strengthen communications with cybersecurity staff?

Effective CISO communications are key to fostering a healthy relationship with the cybersecurity staff. Expert Mike O. Villegas reviews some ways to build that relationship. Continue Reading
Answer 14 Mar 2017

What effect does a federal CISO have on government cybersecurity?

The brief tenure of a federal CISO in the U.S. government recently came to an end. Expert Mike O. Villegas discusses the effect this has on the U.S. cybersecurity posture. Continue Reading
News 10 Mar 2017

WikiLeaks vows to disclose CIA hacking tools; CIA to investigate

WikiLeaks founder Julian Assange promised to work with vendors to help patch products vulnerable to CIA hacking tools, while the FBI and CIA will investigate the leak. Continue Reading
Tip 09 Mar 2017

IoT development and implementation: Managing enterprise security

The CSA's guidelines for secure IoT development can give enterprises an idea of how to evaluate IoT products. Expert Nick Lewis explains the steps enterprises should take. Continue Reading
Podcast 09 Mar 2017

Risk & Repeat: Does the Amazon S3 outage raise security flags?

In this episode of SearchSecurity's Risk & Repeat podcast, editors discuss the recent Amazon Simple Storage Service outage and why the incident may have security implications. Continue Reading
News 08 Mar 2017

Responsible vulnerability disclosure lacking by CIA and WikiLeaks

Experts criticize both WikiLeaks and the CIA for failing responsible vulnerability disclosure around the Vault 7 documents, and question the CIA's use of the VEP. Continue Reading
News 08 Mar 2017

Vault 7 CIA hacking weapons include iOS, Android and Windows zero days

WikiLeaks released a massive dump of files it claims to be CIA hacking tools, codenamed Vault 7, which includes iOS and Android zero-day exploits. Continue Reading
News 24 Feb 2017

Experts: Government Vulnerabilities Equities Process should be law

Experts say codifying the Vulnerabilities Equities Process into law would increase transparency and trust regarding vulnerability disclosure by the government. Continue Reading
Blog Post 24 Feb 2017

RSA Conference 2017: Are software regulations coming for developers?

Security expert Bruce Schneier said programmers' freedom to code whatever they want will likely come to an end. Should the industry brace itself for software regulations? Continue Reading
Podcast 22 Feb 2017

Risk & Repeat: RSA Conference 2017 highlights and trends

In this episode of SearchSecurity's Risk & Repeat podcast, editors recap RSA Conference 2017 and discuss how the show addressed many security problems, but had very few answers. Continue Reading
News 22 Feb 2017

Understanding of security remediation differs for CISOs, researchers

One expert warned there can be a disconnect between what security remediation means to CISOs and what researchers announce because of divergent objectives. Continue Reading
News 16 Feb 2017

Experts debate national cybersecurity policy suggestions at RSAC 2017

Experts at RSAC 2017 discussed national cybersecurity policy suggestions for the new presidential administration, including what to do about encryption and the DHS mission. Continue Reading
Tip 16 Feb 2017

Intrusion response plans: Tales from front-line IT support

The right intrusion response training can make all the difference in data breach prevention. Expert Joe Granneman provides a real-world example from which enterprises can learn. Continue Reading
Answer 16 Feb 2017

How does a security portfolio help an enterprise security program?

A security portfolio shouldn't be used as an alternative to a reporting structure, but it can still be beneficial to enterprises. Expert Mike O. Villegas explains how. Continue Reading
News 16 Feb 2017

RSA Conference speakers tackle tech immigration reform, travel ban

Several speakers made pro-immigration remarks at RSA Conference 2017 and called for tech immigration reform following President Trump's controversial executive order. Continue Reading
News 15 Feb 2017

Upcoming cybersecurity executive order leaves RSAC experts optimistic

Experts at RSAC 2017 discussed the upcoming cybersecurity executive order from the new presidential administration and how the NIST Framework strengthens the plan. Continue Reading
News 15 Feb 2017

Do IoT security risks require new legislation or will standards suffice?

In a panel discussion about current IoT security risks, experts at RSA Conference 2017 weigh government legislation options against industry self-regulation. Continue Reading
News 15 Feb 2017

Bruce Schneier: It's time for internet-of-things regulation

Speaking at RSA Conference 2017, security expert Bruce Schneier called for the creation of a new government agency to oversee internet-of-things regulation. Continue Reading
Answer 15 Feb 2017

What are the pros and cons of hiring a virtual CISO?

A virtual CISO is a good option for smaller organizations that want stronger security leadership, but don't have the budget. Expert Mike O. Villegas discusses the pros and cons. Continue Reading
News 15 Feb 2017

State-sponsored hacking needs to stop, says Congressman McCaul

Rep. Michael McCaul took a harsh stance on Russian state-sponsored hacking at RSA Conference 2017 and pushed the U.S. government to do more to stop such attacks. Continue Reading
News 14 Feb 2017

RSA panel covers cryptography trends, elections and more

Panel at RSAC on cryptography trends offers views on AI's coming domination of cybersecurity, quantum computing and quantum cryptography, politics and elections and more. Continue Reading
News 14 Feb 2017

Ramzan advocates collaborative security in RSAC keynote

Zulfikar Ramzan opens RSA Conference 2017 by reminding enterprises that just as cyberattacks have long-tail repercussions, so too do collaborative security decisions made in business. Continue Reading
News 14 Feb 2017

RSA President Rohit Ghai details new cybersecurity platform at RSAC 2017

Michael Dell introduces RSA's newly appointed president, Rohit Ghai, who is set to lead the cybersecurity firm as it implements its new Business Driven Security platform. Continue Reading
News 14 Feb 2017

Nation-state cyberattacks rising, warns former NSA director

Speaking at RSA Conference 2017, former NSA Director Keith Alexander warned of increased nation-state cyberattacks and called for an overhaul of U.S. government cybersecurity. Continue Reading
Answer 13 Feb 2017

Who should be on an enterprise cybersecurity advisory board?

What qualifications does a cybersecurity advisory board member need to best serve enterprises? Expert Mike O. Villegas outlines the most helpful backgrounds for board members. Continue Reading
News 10 Feb 2017

Trump tells White House cybersecurity officer, 'You're fired'

Rumors have been confirmed that President Trump has fired the White House cybersecurity officer in charge of making sure he and his staff are not hacked. Continue Reading
News 10 Feb 2017

NSA contractor indicted for stealing elite cyberweapons over 20 years

The NSA contractor accused of stealing elite cyberweapons over the course of 20 years, but his connection to the Shadow Brokers auction of similar hacking tools is still unclear. Continue Reading
News 09 Feb 2017

IoT security threat to become real post-Mirai at RSA Conference 2017

IoT security tops the list of RSA Conference 2017 submissions after IoT devices were abused by threat actors, but the topics experts worry about are much more far-reaching. Continue Reading
Tip 09 Feb 2017

How to organize an enterprise cybersecurity team effectively

The structure of an enterprise's cybersecurity team is important for ensuring it's as effective as possible. Expert Steven Weil outlines strategies for setting up a security group. Continue Reading
News 07 Feb 2017

Google to appeal after loss in cloud data privacy case

Further battle over cloud data privacy is imminent, as a court decides against Google and declines to consider Microsoft's recent appeal victory as precedent. Continue Reading
News 03 Feb 2017

Experts debate effects of government cybersecurity executive order

A leaked version of a draft of a government cybersecurity executive order from President Trump has experts debating the effects such an order would have. Continue Reading
News 02 Feb 2017

Pentagon hack possible due to bad vulnerability management

A researcher finds unpatched flaws in DOD systems that may have already allowed a Pentagon hack, and the government is doing nothing to remediate the issue. Continue Reading
News 31 Jan 2017

RSA Conference 2017 "not impacted" by Trump's executive order

RSA Conference 2017 hasn't been affected by President Trump's recent executive order, but the travel ban has still send shockwaves through the tech industry. Continue Reading
News 31 Jan 2017

RSAC 2017 Innovation Sandbox highlights top 10 cyber startups

RSAC 2017: Innovation Sandbox competition pits this year's top 10 cybersecurity startups against each other in a bid to win top honors as most innovative. Continue Reading
Conference Coverage 30 Jan 2017

RSA 2017: Special conference coverage

Follow breaking news from the SearchSecurity team at RSA 2017 in San Francisco to learn the latest developments in the information security industry. Continue Reading
News 27 Jan 2017

Americans split on federal government security, encryption attitudes

News roundup: Half of Americans don't trust federal government security. Plus, a Kaspersky Lab manager was arrested; an internal DOD network was found vulnerable; and more. Continue Reading
Tip 26 Jan 2017

When not to renew a vendor contract due to security issues

Opting out of a vendor contract for security reasons can be a tough decision for CISOs. Expert Mike O. Villegas discusses how NASA handled the situation and what CISOs can do. Continue Reading
News 23 Jan 2017

SEC to investigate the Yahoo breach disclosures

The SEC has requested more information for potential cases concerning whether the Yahoo breach disclosures could have come sooner. Continue Reading
News 20 Jan 2017

Future of the federal CISO position in question as Touhill steps down

Retired Brig. Gen. Gregory Touhill stepped down as the federal CISO, leaving questions surrounding the future of the position and the work he has done. Continue Reading
Answer 12 Jan 2017

What effect does FITARA have on U.S. government cybersecurity?

FITARA became a law in 2014, but government cybersecurity continues to struggle. Expert Mike O. Villegas discusses the effects of the law. Continue Reading
Podcast 12 Jan 2017

Risk & Repeat: CES Cybersecurity Forum tackles passwords, IoT

In this episode of SearchSecurity's Risk & Repeat podcast, editors highlight the topics discussed at the CES Cybersecurity Forum, as well as new technologies showcased at the event. Continue Reading
Answer 10 Jan 2017

What are the potential pros and cons of a Cyber National Guard?

A congressman proposed adding a Cyber National Guard to the military to protect the U.S. from cyber adversaries. Expert Mike O. Villegas examines the potential drawbacks of this branch. Continue Reading
Security School 10 Jan 2017

Privileged access management and security in the enterprise

This Security School explores the important steps enterprises need to take when managing privileged access accounts to prevent credential abuse and security incidents. Continue Reading
Answer 09 Jan 2017

Are investigations crucial to data breach protection?

SWIFT banking has a team dedicated to data breach investigations. Expert Mike O. Villegas discusses why this is necessary and whether other organizations should follow suit. Continue Reading
Tip 05 Jan 2017

The dangers of using security policy templates in the enterprise

Among other drawbacks, using security policy templates can make compliance audits and breach assessments harder for enterprises. Expert Joseph Granneman explains why they're risky. Continue Reading
Tip 04 Nov 2016

Information security risk management: Understanding the components

An enterprise has to know what risks it is facing. Expert Peter Sullivan explains why an information security risk management plan is crucial for cybersecurity readiness. Continue Reading
Tip 02 Nov 2016

Cloud DDoS protection: What enterprises need to know

DDoS attacks are a continuing problem, and enterprises should consider using cloud DDoS protection services. Expert Frank Siemons discusses the cloud options. Continue Reading
Feature 01 Nov 2016

Want a board-level cybersecurity expert? They're hard to find

Members of the board must be ready to defend their fiduciary decisions, corporate policies, compliance actions and, soon, cybersecurity preparedness. Continue Reading
Answer 05 Oct 2016

How would a cyberattack information database affect companies?

A proposed cyberattack information database in the U.K. aims to improve cyberinsurance. Expert Mike Chapple explains what collecting data breach information means for U.S. companies. Continue Reading
Answer 20 Sep 2016

Is settling a data breach lawsuit the best option for enterprises?

In the unfortunate event of a data breach lawsuit, it's often better to settle before the case reaches court. Expert Mike O. Villegas explains why and how CISOs can help. Continue Reading
Answer 19 Sep 2016

Are new cybersecurity products the best investment for enterprises?

Having the latest cybersecurity products isn't always the best way to approach security. Expert Mike O. Villegas explains why and how to deal with pressure to buy new. Continue Reading
Tip 15 Aug 2016

Achieving cybersecurity readiness: What enterprises should know

Enterprises need to be ready to act in the face of security incidents and cyberattacks. Expert Peter Sullivan outlines seven elements of proper cybersecurity readiness. Continue Reading
Feature 14 Jul 2016

Cybersecurity blind spots: Mitigating risks and vulnerabilities

Cybersecurity blind spots based in risk and vulnerabilities can be difficult to spot and address. Sean Martin talks with security experts on how to overcome that challenge. Continue Reading
Tip 05 Jul 2016

How tabletop exercises can help uncover hidden security risks

A regular tabletop exercise could help to identify security risks in scenarios relevant to your organization. Expert Bob Wood explains the steps in the process. Continue Reading
News 27 Jun 2016

Intel reportedly considering selling its security business

New reports suggest Intel may be looking into selling off its security business, and experts are unclear whether it means Intel's McAfee acquisition has gone sour. Continue Reading
News 17 Jun 2016

FBI facial recognition systems draw criticism over privacy, accuracy

GAO report blasts FBI facial recognition programs over privacy and accuracy concerns; FBI systems offer access to over 411 million photos from federal and state sources. Continue Reading
Tip 17 Jun 2016

How CMMI models compare and map to the COBIT framework

Following ISACA's recent acquisition of the CMMI Institute, expert Judith Myerson takes a closer look at COBIT and CMMI models and how they compare to one another. Continue Reading
Tip 16 May 2016

How encryption legislation could affect enterprises

The legal battle between the FBI and Apple brought encryption legislation into the public eye, for better or worse. Expert Mike Chapple discusses the effect of this on enterprises. Continue Reading
Tip 07 Apr 2016

RSA Conference 2016 draws big crowds, strong encryption

RSA Conference 2016 was a densely-packed affair, with discussions ranging from strong encryption to skills shortage in the industry. Expert Nick Lewis gives a recap. Continue Reading
Answer 04 Apr 2016

What are the differences between active boards and passive boards?

Both active and passive boards of directors have different approaches to handling cybersecurity within their organizations. Here's how to tell which type you have. Continue Reading
Feature 01 Apr 2016

Information Governance and Security: Protecting and Managing Your Company's Proprietary

In this excerpt of Information Governance and Security, authors John G. Iannarelli and Michael O'Shaughnessy offer tips for establishing guidelines for all departments or sectors of a business. Continue Reading
Feature 01 Apr 2016

Integrated Security Systems Design

In this excerpt of Integrated Security Systems Design, author Thomas L. Norman explains the tools of security system design, the place of electronics in the process, how to establish electronic security program objectives and the types of design efforts. Continue Reading
News 18 Mar 2016

Apple court filing challenges iPhone backdoor as rhetoric heats up

The rhetoric about the iPhone backdoor from Apple and the FBI has gotten more intense as Apple challenged the FBI in court by calling its motion unconstitutional. Continue Reading
Feature 18 Mar 2016

Designing and Building Security Operations center

In this excerpt of Designing and Building Security Operations Center, author David Nathans reviews the infrastructure needed to support a SOC and maintain SOC security. Continue Reading