Latest

►

Incident & Breach Response

Are You APT-Ready? The Role of Breach and Attack Simulation

Mathew J. Schwartz  •  June 18, 2019

With the volume of data breaches and cyberattacks continuing to rise, organizations are increasingly relying on breach and attack simulation tools to provide more consistent and automated validation of controls, says Cymulate's Tim Ager.

►

Application Security

Securing the Software Supply Chain

Nick Holland  •  June 18, 2019

What steps can be taken to eliminate vulnerabilities in the software supply chain? Ilkka Turunen of Sonatype offers practical insights.

►

Artificial Intelligence & Machine Learning

Using AI to Detect Cyber Risks

Nick Holland  •  June 18, 2019

Artificial Intelligence is coming of age as a key tool in the security analyst's arsenal, says David Atkinson, founder and CEO of Senseon, who highlights key benefits of the technology.

►

Standards, Regulations & Compliance

Compliance in a Hybrid Environment

Nick Holland  •  June 18, 2019

How can organizations deal with compliance issues in a hybrid environment? Don Closser of Firemon discusses compliance in the age of cloud computing.

Endpoint Security

DHS Is Latest to Warn of BlueKeep Vulnerability

Scott Ferguson  •  June 17, 2019

Yet another warning has been issued about the BlueKeep vulnerability in older versions of Microsoft Windows. The latest comes from the Department of Homeland Security, which tested a remote code execution exploit.

►

Governance

Enhancing Security by Red Teaming

Nick Holland  •  June 17, 2019

James Stanger, chief technology evangelist at CompTIA, explains why red teaming can prove highly beneficial in improving organizational security controls.

Endpoint Security

Alerts: Some BD Infusion Pumps Vulnerable to Remote Attacks

Marianne Kolbasuk McGee  •  June 14, 2019

Medical device vendor Becton Dickinson and U.S. federal regulators have issued security alerts about vulnerabilities that potentially put certain infusion pump products from the manufacturer at risk for remote hacker attacks.

Cybercrime

10 Highlights: Infosecurity Europe 2019 Keynotes

Mathew J. Schwartz  •  June 14, 2019

Data breaches, incident response and complying with the burgeoning number of regulations that have an information security impact were among the top themes at this year's Infosecurity Europe conference in London. Here are 10 of the top takeaways from the conference's keynote sessions.

►

Geo Focus: The United Kingdom

Fusing Security With Digital Transformation for SMBs

Nick Holland  •  June 13, 2019

Digital transformation impacts the way that organizations deal with cybersecurity risk, says Tim Wilkinson of Avast Business, who provides advice how to place security at the center of the transformation.

►

Training & Security Leadership

Addressing the Human Element in Cybersecurity

Nick Holland  •  June 13, 2019

James Mackay of MetaCompliance explains techniques for educating and motivating employees to be more aware of cyber risks.

►

Artificial Intelligence & Machine Learning

Empower Employees While Preventing Insider Data Breaches

Mathew J. Schwartz  •  June 13, 2019

Carelessness, a lack of security awareness, unclear data ownership and poor toolsets are root causes of insider breaches, says Tony Pepper, CEO of Egress, which recently surveyed CISOs and employees to trace the cause of insider breaches resulting from both intentional and unintentional loss.

►

Endpoint Security

Top Drivers for Privileged Account Management

Mathew J. Schwartz  •  June 13, 2019

When it comes to drivers for implementing and maintaining privileged access management programs, Wallix's Grant Burst says that demonstrating compliance and safety remain top priorities. Another driver, he says, is the sheer interconnectedness of devices - driven by the rise of IoT.