Would encryption, two-factor authentication and other measures stop a determined adversary from stealing millions of U.S. government personnel files? No, a former CIA CISO says. Read how Robert Bigman would defend against OPM-style cyber-attacks.
EdgeWave's Mike Walls, a former bomber pilot who led Navy red teams, says penetration testing is useful in analyzing bits and bytes but not the readiness of operations under attack from cyberspace. Red teams, he says, can analyze the impact on operations.
Too few security systems interoperate, which makes it difficult for organizations to block or detect data breaches. But Cisco has an interoperability plan to improve the state of cybersecurity defenses, Chief Security Architect Martin Roesch says.
To help organizations discover what they don't know is happening on their networks, Darktrace uses machine learning to create advanced baselines of normal behavior, then sounding alarms when it sees deviations.
A new breach reported by Heartland Payment Systems won't get much attention. But this incident could be more damaging to the undisclosed number of consumers affected than was Heartland's 2008 payment card breach.
Visa has agreed to increase the reimbursement paid to banking institutions that must reissue cards in the wake of a merchant breach. Now the smaller card issuers, such as community banks, are getting paid the most.
To better secure enterprise networks, as well as detect and respond more rapidly to data breaches, businesses need to know the who, what, where, when and why of all endpoints that connect to network resoruces, says ForeScout's Sandeep Kumar.
Are you heading to RSA Conference 2015 in San Francisco? If so, be sure to connect with Information Security Media Group. We'll be out in full force on the Expo floor, as well as running a number of must-attend sessions and events.
Leaders and top practitioners from numerous federal government agencies will transplant themselves to San Francisco this coming week to share their knowledge on a wide range of topics at RSA Conference 2015.
Troy Leach of the PCI Security Standards Council says data security standards are not failing; they just aren't being applied continuously. And conformance with the Payment Card Industry Data Security Standard is just one piece of the puzzle.
Russian and European malware and spam purveyors have been hijacking Internet routes. Pending a massive infrastructure upgrade, security experts warn that such attacks can be detected, but not easily blocked.
Starting in April, Singapore plans to have a dedicated and centralized cybersecurity agency. But experts question whether the agency can take a holistic approach and effectively coordinate with industry.
Nobody wants to be a cyber-attacker's first victim. But there are benefits to being second or third, says Akamai's Mike Smith. Then you get to enjoy the true benefits of the oft-discussed information sharing.