Security operations and management
Cybersecurity operations and management are vital to protect enterprises against cyber threats. Learn how to create and manage infosec programs and SOCs, perform incident response and automate security processes. Also read up on security laws and regulations, best practices for CISOs and more.
Top Stories
-
Conference Coverage
16 May 2025
RSAC Conference 2025
Follow SearchSecurity's RSAC 2025 guide for insightful pre-conference insights and reports on notable presentations and breaking news at the world's biggest infosec event. Continue Reading
-
Feature
01 May 2025
RSAC 2025: The time for crypto-agility adoption is now
An RSAC 2025 speaker explained why companies should begin their quantum-safe journey now and how crypto-agility adoption helps prepare for post-quantum cryptography. Continue Reading
-
News
27 Sep 2019
New York files lawsuit over Dunkin' breach response
The New York attorney general filed a lawsuit against Dunkin' Brands regarding attacks dating back to 2015 and alleges the company failed to respond or notify victims properly. Continue Reading
-
News
26 Sep 2019
After Bugcrowd pilot, Air Force bug bounty program eyes expansion
The U.S. Air Force is eyeing an expansion of its bug bounty efforts after partnering with Bugcrowd on a three-month pilot program for its cloud platform. Continue Reading
-
Feature
25 Sep 2019
How to use SOAR tools to simplify enterprise infosec programs
SOAR tools are designed to deliver convenience and simplicity to cybersecurity programs. Explore the many benefits security orchestration and automation promises users. Continue Reading
-
News
29 Aug 2019
Suspect in Capital One breach indicted for additional intrusions
The alleged Capital One hacker, Paige Thompson, was charged with additional counts of fraud and abuse for stealing data from more than 30 other organizations. Continue Reading
-
News
21 Aug 2019
Texas ransomware attack hits 22 municipalities, demands $2.5M
Ransomware attacks hit 22 municipalities around Texas, most of which appear to be smaller local governments, but the details surrounding the attacks are still unclear. Continue Reading
-
Tip
20 Aug 2019
CISO challenges include building credibility within the business
No matter what comes at them in terms of cybersecurity issues, the main CISO challenge comes down to building credibility as a trustworthy person. Continue Reading
-
News
12 Aug 2019
Why cyber insurance policies are so 'ridiculously cheap'
The cyber insurance market is growing rapidly and policies are incredibly inexpensive -- but experts at Black Hat 2019 had concerns about those low prices. Continue Reading
-
Feature
12 Aug 2019
Cybersecurity automation won't fix the skills gap alone
Joan Pepin, CISO and vice president of operations at Auth0, says cybersecurity automation makes her job possible, but it can't replace the human talent her industry badly needs. Continue Reading
-
News
05 Aug 2019
BlackBerry Intelligent Security enables flexible security policy
BlackBerry launched a new unified endpoint management platform, BlackBerry Intelligent Security, which changes security policies by calculating user risk. Continue Reading
-
Feature
02 Aug 2019
Lack of cybersecurity skills fuels workforce shortage
Cybersecurity researcher Bob Duhainy discusses the cybersecurity skills shortage and provides suggestions about how companies can close the gap to avoid future risk. Continue Reading
-
News
02 Aug 2019
Capital One breach suspect may have hit other companies
History from a Slack channel run by the Capital One data breach suspect points to data stolen from more organizations, but no evidence of other attacks has been found yet. Continue Reading
-
News
16 Jul 2019
Experts: Facebook fine by FTC should be wake-up call for all
Facebook will reportedly be hit with a $5 billion fine by the FTC following an investigation into multiple privacy issues, and experts said other enterprises should take note. Continue Reading
-
Feature
12 Jul 2019
Cybersecurity skills shortage prompts new hiring approach
Hiring managers are widening the pool of candidates in response to the cybersecurity skills shortage. Learn how a parks and recreation background can be an asset in threat hunting. Continue Reading
-
News
09 Jul 2019
British Airways security incident garners record GDPR fine
The ICO plans to levy a record GDPR fine of nearly $230 million against British Airways for a security incident that led to 500,000 customers having their data compromised. Continue Reading
-
Answer
08 Jul 2019
Attackers turn the tables on incident response strategies
Attackers expect incident response strategies and have a plan for when they encounter them. Find out how to take IR to the next level against attacker incident response counterstrategies. Continue Reading
-
Tip
08 Jul 2019
Boost application security in DevOps with DevSecOps
Without DevSecOps, application security can end up on the back burner during application development. Learn how DevSecOps can bake security back into the process. Continue Reading
-
News
02 Jul 2019
Huawei ban may be loosened, but details unclear
President Donald Trump promised to loosen trade restrictions on Huawei, while respecting national security concerns, but the details of the changes are still unclear. Continue Reading
-
Tip
28 Jun 2019
Strategies to mitigate cybersecurity incidents need holistic plans
Every organization needs strategies to mitigate cybersecurity incidents, but what areas should the strategies address? Find out what experts suggest to protect the entire organization. Continue Reading
-
Feature
28 Jun 2019
Comparing EDR tools: Cybereason vs. CrowdStrike vs. Carbon Black
Learn how tools from leading EDR vendors Cybereason, CrowdStrike and Carbon Black compare when it comes to helping security teams fight endpoint threats and respond to incidents. Continue Reading
-
Tip
28 Jun 2019
How to prevent cybersecurity attacks using this 4-part strategy
It can be daunting to defend an enterprise against cyberattacks, but these four defensive moves can help fortify and repel whatever comes your way. Continue Reading
-
Feature
11 Jun 2019
Red alerts: Inside Cisco's incident response best practices
Incident response is often challenging, but Cisco's Sean Mason offers recommendations for doing IR effectively, from keeping internal logs longer to embracing tabletop exercises. Continue Reading
-
Podcast
07 Jun 2019
Tenable CEO Amit Yoran wants to stop 'cyber helplessness'
This week's Risk & Repeat podcast features Tenable CEO Amit Yoran, who discusses what he calls 'cyber helplessness' and how the mentality is infecting enterprises. Continue Reading
-
News
30 May 2019
Recorded Future acquired by private equity firm for $780 million
Recorded Future said the $780 million acquisition agreement with private equity firm Insight Partners affirms the growing importance of threat intelligence for enterprises. Continue Reading
-
News
28 May 2019
Cylance CSO: Let's name and shame failed security controls
Malcolm Harkins, the chief security and trust officer at BlackBerry Cylance, says security controls that don't live up to their billing should be taking more blame for data breaches. Continue Reading
-
News
23 May 2019
Microsoft bets on ElectionGuard SDK to fortify election security
Ahead of the 2020 elections, Microsoft unveiled ElectionGuard, an open source SDK designed to provide end-to-end verification of electronic voting machine results. Continue Reading
-
Feature
20 May 2019
What makes BSA's secure software development framework unique?
BSA rolled out a new secure software development framework in an effort to promote best practices for secure software development and improve security for all. Continue Reading
-
News
16 May 2019
New executive order moves to ban Huawei
U.S. businesses are barred from dealing with Huawei following an executive order from the White House and the additions of Huawei and its affiliates to a trade blacklist. Continue Reading
-
Feature
15 May 2019
Women in cybersecurity work to grow voice in US lawmaking
To encourage more input from women in cybersecurity in the legislative process, the Executive Women's Forum went to Washington to discuss key issues with Congress. Continue Reading
-
News
10 May 2019
Symantec CEO Greg Clark unexpectedly steps down
Cybersecurity giant Symantec is searching for a new CEO once again after Greg Clark unexpectedly resigned from the vendor after three years at the helm. Continue Reading
-
News
02 May 2019
White Ops: Ad fraud bot activity waning, but threats still loom
A new study from security vendor White Ops shows a decline in digital ad fraud, but the company says the battle against cybercriminals abusing ad platforms is far from over. Continue Reading
-
Feature
01 May 2019
Top cloud security risks that keep experts up at night
Hackers are after your assets in the cloud. Here's how they get in and what you can do to plug security holes, starting with minimizing the risks created through human error. Continue Reading
-
News
22 Apr 2019
Marcus 'MalwareTech' Hutchins pleads guilty to Kronos charges
Marcus 'MalwareTech' Hutchins, known as being an integral player in stopping the WannaCry ransomware outbreak, pleads guilty to conspiring to create and distribute the Kronos banking Trojan. Continue Reading
-
Feature
15 Apr 2019
Challenges and benefits of using the Mitre ATT&CK framework
Taking the first step might be the biggest hurdle to using the Mitre ATT&CK cybersecurity framework. Find out more about the benefits, challenges and how to get started. Continue Reading
-
Tip
12 Apr 2019
Top 5 reasons for a zero-trust approach to network security
As network perimeters disintegrate and enterprises adopt cloud computing, discover the top reasons organizations are opting for a zero-trust approach to network security. Continue Reading
-
Feature
29 Mar 2019
HPE takes aim at STEM and cybersecurity education, awareness
HPE CISO Liz Joyce worked with the Girl Scouts on an educational cybersecurity game for girls and ensures HPE's Women in Cybersecurity encourages more women to join the industry. Continue Reading
-
Feature
29 Mar 2019
New game provides cybersecurity education for Girl Scouts
A new game provides cybersecurity education for Girl Scouts, who can earn virtual and real badges by playing. HPE's Liz Joyce talks about the partnership that led to the game. Continue Reading
-
Tip
28 Mar 2019
Simplify incident response for zero-day vulnerability protection and beyond
Protection against a zero-day vulnerability and other cyber-risks is complicated, but simplifying cybersecurity incident management could be the key to protecting online assets. Continue Reading
-
Opinion
26 Mar 2019
2019 RSA Conference bottom line: People are security's strongest asset
People in the security community and beyond are more important and influential than the leading technologies if the talk at the 2019 RSA Conference is any indication. Continue Reading
-
Feature
26 Mar 2019
Zero-trust security model primer: What, why and how
What exactly is a zero-trust security model? This primer explains the basics about the philosophy behind how designing a security architecture strictly limits access to all, not just outsiders. Continue Reading
-
Podcast
22 Mar 2019
Risk & Repeat: RSA Conference 2019 in review
This week's 'Risk & Repeat' podcast looks back at RSA Conference and discusses the show's diversity and inclusion efforts as well as the top trends and sessions from the show. Continue Reading
-
News
22 Mar 2019
Chris Wysopal talks blockchain hype and realistic uses
While marketers ride the hype train around blockchain, Chris Wysopal says there are realistic uses for the technology. And there are blockchain risks that need to be considered, as well. Continue Reading
-
Tip
20 Mar 2019
How automated patch management using SOAR can slash risk
Learn how to use security orchestration, automation and response, also known as SOAR, to ease the hassle of mundane tasks related to patch management. Continue Reading
-
Tip
20 Mar 2019
Automating incident response with security orchestration
Security orchestration, automation and response technology is now seen as a key aid to security pros attempting to thwart an onslaught of cyberattacks. Continue Reading
-
Tip
20 Mar 2019
Plugging the cybersecurity skills gap with security automation
Security automation and response promises to help alleviate the shortage of qualified cybersecurity pros. Learn how SOAR helps security teams work smarter, not harder. Continue Reading
-
News
19 Mar 2019
Bobbie Stempfley: Cybersecurity AI has a long way to go
Many cybersecurity vendors have embraced AI and machine learning, but CERT Division's Bobbie Stempfley says more work is needed around testing algorithms and validating results. Continue Reading
-
Tip
06 Mar 2019
How bellwether cybersecurity technologies predict success
Bellwether cybersecurity technologies -- advanced endpoint security, behavioral threat analytics and a trio of cloud-based apps -- are used by successful cybersecurity teams. Find out why. Continue Reading
-
News
22 Feb 2019
Security automation on display in 2019 RSAC Innovation Sandbox
Security automation will be a factor when most innovative startup is chosen at this year's RSAC Innovation Sandbox since almost all finalists use automation to improve security. Continue Reading
-
News
22 Feb 2019
Supply chain cybersecurity is a hot topic for RSAC 2019
Following years of AI climbing the hype wheel at RSA Conference, the topic is no longer one of the most prevalent as supply chain and infrastructure fears take focus at RSAC 2019. Continue Reading
-
Tip
20 Feb 2019
Key steps to put your zero-trust security plan into action
There are three key categories of vendor zero-trust products. Learn what they are, and how to evaluate and implement the one that's best for your company. Continue Reading
-
News
19 Feb 2019
Palo Alto Networks to acquire SOAR vendor Demisto
Palo Alto Networks announced its plan of acquiring SOAR vendor Demisto for $560 million to accelerate its Application Framework strategy and beef up security operations automation. Continue Reading
-
Feature
01 Feb 2019
Top 10 CISO concerns for 2019 span a wide range of issues
From dealing with data and staffing shortages to adapting to an ever-expanding set of job responsibilities, CISOs face an array of serious issues in 2019. Continue Reading
- 01 Feb 2019
-
Opinion
01 Feb 2019
What a proactive cybersecurity stance means in 2019
Meeting cyberthreats head-on is no longer a choice but a necessity. Learn what dangers IT security teams may face in 2019 and why a proactive attitude is vital. Continue Reading
- 01 Feb 2019
-
Feature
31 Jan 2019
RSAC's diversity and inclusion initiative stresses equality on keynote stage
RSA Conference curator Sandra Toms hopes a new diversity and inclusion initiative will facilitate change in the cybersecurity industry, starting with the upcoming 2019 conference. Continue Reading
-
Tip
25 Jan 2019
Cybersecurity maturity model lays out four readiness levels
To assess cybersecurity maturity, Nemertes Research developed a four-point scale to determine a company's ability to effectively detect, understand and contain breaches. Continue Reading
-
Podcast
23 Jan 2019
Risk & Repeat: DNC renews election hacking concerns
This week's Risk & Repeat podcast looks at the claims of the Democratic National Committee that Russian hackers tried to breach its network following the midterm elections. Continue Reading
-
Tip
23 Jan 2019
How to defend against malicious IP addresses in the cloud
Cybercriminals have found a way to use the cloud to mask their locations. Expert Rob Shapland looks at the options organizations have to deal with malicious IP addresses. Continue Reading
-
News
22 Jan 2019
DerbyCon's Dave Kennedy: The conference 'got too big'
DerbyCon co-founder Dave Kennedy discusses his decision to close down the conference and what he would have done differently. Continue Reading
-
News
18 Jan 2019
This year's DerbyCon conference will be the last
Citing an inability to manage 'negativity, polarization, and disruption' at the conference, DerbyCon organizers unexpectedly announced this year's show will be the last. Continue Reading
-
News
17 Jan 2019
Shutdown of federal security services puts private sector at risk
In addition to putting government agencies at risk, the shutdown has impacted federal security services and resources that the private sector relies on to keep enterprises safe. Continue Reading
-
News
17 Jan 2019
Government cybersecurity at risk as shutdown lingers
As the shutdown continues, experts believe government cybersecurity will become more vulnerable, and government IT staff could leave for the private sector. Continue Reading
-
News
16 Jan 2019
Enterprises betting on SOAR tools to fill security gaps
Security experts sound off on the importance and benefits of automating security, and highlight factors to be considered before implementing SOAR tools. Continue Reading
-
Podcast
16 Jan 2019
Risk & Repeat: Expired certificates loom amid government shutdown
This week's Risk & Repeat podcast looks at the expiration of more than 80 TLS certificates for U.S. government websites amid the ongoing government shutdown. Continue Reading
-
News
11 Jan 2019
Kaspersky Lab aided NSA hacking tools investigation
News roundup: According to a new report from Politico, Kaspersky Lab aided the NSA in catching alleged data thief Harold Martin. Plus, telecoms are selling customer data, and more. Continue Reading
-
News
28 Dec 2018
Government data requests rise, as does Apple's compliance
Apple's latest Transparency Report shows government data requests on the rise around the world, as is Apple's compliance in providing the data being requested by law enforcement. Continue Reading
-
Opinion
27 Dec 2018
How paradigms shifting can alter the goals of attackers and defenders
The use of disruptive technology is altering the way attackers and defenders set goals for network security. Learn more about the shifting field with Matt Pascucci. Continue Reading
-
News
21 Dec 2018
DOJ indicts two Chinese nationals for APT10 group cyberattacks
The Department of Justice indicted two alleged members of the Chinese state-sponsored hacking group APT10, which hacked managed service providers to steal data from enterprises. Continue Reading
-
News
20 Dec 2018
NASA data breach included employee Social Security numbers
Limited details leave questions surrounding a possible NASA data breach that could have compromised Social Security numbers for current and former employees. Continue Reading
-
News
14 Dec 2018
Initial RSA Conference 2019 keynote lineup released
RSA Conference 2019's diversity and inclusion initiative appears to be paying off, as the initial keynote speaker lineup has equal representation for men and women speakers. Continue Reading
-
Podcast
13 Dec 2018
Risk & Repeat: NRCC breach stokes election security fears
This week's Risk & Repeat podcast looks at the recently disclosed cyberattack on the National Republican Congressional Committee and the questions that remain about it. Continue Reading
-
News
12 Dec 2018
Equifax breach report highlights multiple security failures
An Equifax breach report, based on a government investigation, blamed the incident on multiple security failures and concluded the breach was preventable. Continue Reading
-
Podcast
07 Dec 2018
Risk & Repeat: RSA Conference 2019 eyes diversity improvements
This week's Risk & Repeat podcast looks at RSA Conference's diversity and inclusion initiatives and discusses what they mean for both the event and the infosec industry. Continue Reading
-
Blog Post
30 Nov 2018
Are US hacker indictments more than Justice Theater?
New hacker indictments and U.S.Treasury Department sanctions highlight the disconnect between government action and real world consequences for threat actors. Continue Reading
-
News
30 Nov 2018
RSA Conference launches diversity and inclusion initiative
Following the criticism of the last conference, RSA Conference started a diversity and inclusion initiative that, among many other changes, eliminates all-male panels. Continue Reading
-
News
30 Nov 2018
Spectre v2 mitigation causes significant slowdown on Linux 4.20
News roundup: A Spectre v2 mitigation causes significant performance slowdowns in Linux 4.20. Plus, Dell had to reset user passwords after a data breach, and more. Continue Reading
-
Opinion
30 Nov 2018
Why U.S. election security needs an immediate overhaul
There's no evidence that threat actors have been able to manipulate or change vote counts in our elections, but Kevin McDonald says that doesn't mean it can't -- or won't -- happen. Continue Reading
-
News
29 Nov 2018
SamSam ransomware actors charged, sanctioned by US government
The FBI indicted two threat actors involved with the SamSam ransomware attacks while the US Treasury sanctioned two others for their role in exchanging Bitcoin earned from attacks. Continue Reading
-
Blog Post
29 Nov 2018
Will cybersecurity safety ever equal air travel safety?
Guaranteeing cybersecurity safety is one of the biggest challenges facing the tech industry, but using aviation safety as a model may help achieve that goal. Continue Reading
-
News
16 Nov 2018
After 2015 OPM data breach, agency failed to update security
News roundup: Three years after the OPM data breach, the agency still hasn't implemented basic security. Plus, seven new Meltdown, Spectre attacks were uncovered, and more. Continue Reading
-
Podcast
08 Nov 2018
Risk & Repeat: MIT CSAIL discusses securing the enterprise
This week's Risk & Repeat podcast discusses the MIT CSAIL Securing the Enterprise conference and how experts there advocated for new strategies and approaches to infosec. Continue Reading
-
News
08 Nov 2018
U.S. Cyber Command malware samples to be logged in VirusTotal
The Cyber National Mission Force will share unclassified U.S. Cyber Command malware samples to VirusTotal and one expert hopes there will be more action taken to help researchers. Continue Reading
-
News
06 Nov 2018
Latest Symantec acquisitions target endpoint security
Endpoint security startups Appthority and Javelin Networks are the latest Symantec acquisitions as the cybersecurity giant aims to improve its endpoint protection product. Continue Reading
-
Tip
31 Oct 2018
NIST incident response plan: 4 steps to better incident handling
The NIST incident response plan involves four phases enterprises can take to improve security incident handling. Expert Mike O. Villegas reviews each step. Continue Reading
-
News
23 Oct 2018
Healthcare.gov breach exposes data on 75,000 people
Malicious actors attacked a back-end insurance system and the resulting Healthcare.gov breach exposed an unknown amount of data on 75,000 people. Continue Reading
-
Answer
22 Oct 2018
What are DMARC records and can they improve email security?
Last year, the U.S. federal government mandated that by October 2018, all agencies must have DMARC policies in place. Learn how complicated this requirement is with Judith Myerson. Continue Reading
-
Podcast
19 Oct 2018
Risk & Repeat: Military cybersecurity scrutinized in GAO report
This week's Risk & Repeat podcast discusses the GAO report on vulnerabilities and weaknesses in modern weapons systems and what they mean for the U.S. military. Continue Reading
-
News
12 Oct 2018
Facebook breach affected 20 million fewer than thought
The recent Facebook breach affected 20 million fewer accounts than was previously thought. The company now says 29 million accounts had data exposed to attackers. Continue Reading
-
News
11 Oct 2018
U.S. weapon systems cybersecurity failing, GAO report says
A U.S. Government Accountability Office report gave failing grades to military weapon systems cybersecurity, but some experts say the report should be a source of encouragement. Continue Reading
-
Tip
10 Oct 2018
Give your SIEM system a power boost with machine learning
The enterprise SIEM is still essential to IT defenses, but the addition of AI, in the form of machine learning capabilities, gives it even more potential power. Continue Reading
-
News
09 Oct 2018
U.S. government domain officials to start using 2FA
The government domain registrar -- DotGov -- began rolling out two-factor authentication for officials managing .gov domains in order to mitigate against DNS hijacking. Continue Reading
-
News
05 Oct 2018
Compromised Supermicro chips reportedly infiltrated US
News roundup: A Bloomberg report claimed China infiltrated U.S. companies and government agencies through tiny Supermicro chips on motherboards. Plus, a new Telegram flaw and more. Continue Reading
-
Blog Post
01 Oct 2018
FBI, DHS blaming the victims on Remote Desktop Protocol
FBI, DHS call on users to mitigate Remote Desktop Protocol vulnerabilities and handle RDP exploits on their own, even as the "going dark" campaign continues unabated. Continue Reading
-
Opinion
25 Sep 2018
Why a unified local government security program is crucial
When considering a local government cybersecurity program, companies must understand the dangers of not having one. Matt Pascucci explains why a program designed to monitor the public sector is crucial. Continue Reading
-
News
21 Sep 2018
White House National Cyber Strategy praised by experts
The new National Cyber Strategy released by the White House details plans for improving cybersecurity and garners positive early reviews from experts for its comprehensiveness. Continue Reading
-
News
21 Sep 2018
Mirai botnet creators avoid jail time after helping the FBI
News roundup: The Mirai botnet creators will not serve time in prison after they worked with the FBI. Plus, the Department of Defense updated its cyber strategy, and more. Continue Reading
-
Podcast
30 Aug 2018
Risk & Repeat: Are the Meltdown and Spectre flaws overhyped?
In this week's Risk & Repeat podcast, SearchSecurity editors discuss whether or not Meltdown and Spectre deserved to be nominated for the Pwnie Awards' Most Overhyped Bug. Continue Reading
-
News
30 Aug 2018
Congress wants CVE program changes from DHS and MITRE
In a letter to DHS and MITRE, Congress said CVE program management has been 'insufficient' and called for the program to receive more consistent funding and additional oversight. Continue Reading
-
Feature
28 Aug 2018
Diversity at cybersecurity conferences is too important to ignore
Diversity at cybersecurity conferences became a hot topic in early 2018. Innovation Women founder Bobbie Carlton discusses why it takes more work to get women in security on stage. Continue Reading
-
Feature
24 Aug 2018
Innovation Women founder strives to close gender gap at conferences
Innovation Women founder Bobbie Carlton discusses the all-male, all-pale panels that overwhelm tech conferences and that moved her to change the number of female speakers. Continue Reading
