Yahoo CEO Marissa Mayer will lose her cash bonus after an independent investigation into security breaches at the search giant found that the company's senior executives and legal team failed to properly comprehend or investigate the severity of the attacks.
Cloud computing initiatives, network monitoring and risk management are driving network security operations. Meanwhile, federal agencies face record levels of threats yet still rely on manual processes and outdated point tools. Agency network security operations must be modernized to streamline network security...
Insider threats pose high risks to all enterprises. No organization, regardless of size, industry or region, is immune. With all the advantages that the digital age has brought us (and they are many) it has also brought a rise of highly damaging data breaches, from both internal and external sources.
Regardless of...
Certification and accreditation (C&A) has been like alphabet soup. As it transitions to assessment and authorization (A&A), it's time to sort through the confusion and identify which terms and processes apply in any given situation.
This paper sorts through the confusion to identify which terms, approaches, and...
VASCO Data Security's Scott Clements on Aligning Security with User Experience
With great efficiencies and cost savings also come great threats and fraud risks. This is today's digital reality, and it is why cybersecurity and the user experience need to be aligned to create digital trust, says Scott Clements of VASCO...
Many IT professionals use remote administration tools to troubleshoot and fix PC problems remotely, just as if they were sitting behind the keyboard themselves. But these tools are also used for different purposes today. Both nation states and hacktivists use modified these tools, creating Remote Access Trojan's...
Firewall complexity is leaving companies exposed. The technology to keep company networks safe exists, but it isn't being managed properly. Firewall technology has come a long way since its initial, most rudimentary forms. Next-Generation Firewalls (NGFW) are the latest development, and organizations are accelerating...
As cyber threats become more complex in nature and the attack surface grows, enterprises are shifting to a risk-centric threat identification, containment, and remediation security strategy, prioritizing investments in tools and capabilities to detect threats and respond to incidents faster and more...
College student Zachary Shames, who's pleaded guilty to developing and selling Limitless Logger spyware, was outed to the FBI by security firm Trend Micro after Shames failed to compartmentalize his online activities. Turns out hiding your identity online is harder than it might appear.
As enterprises continue to outsource more aspects of their operations to third parties, they expose themselves to more shared risk. It can be a staggering responsibility. Most organizations understand the need to automate vendor risk management activities to keep up with increasing scope and scrutiny. Yet they...
Encrypted web communication routinely bypasses enterprise security controls. Left unscanned, these channels are perfect vehicles for hiding infection, command & control, and data exfiltration.
The malicious use of encryption is growing at an alarming rate, from 104 in 2014, to 13,542 as of mid-2016, according to...
Encryption keeps data confidential, but we're left unprotected from threats that may be embedded in the data. In fact, encryption actually conceals these threats and adds network performance burdens for organizations that wish to inspect encrypted traffic.
The first in a series on encryption, this technical brief...
Breach detection systems (BDS) are security products that offer timely detection of threats. When evaluating these products, customers must take into account traditional factors, such as security effectiveness, deployment options, performance and administrative capabilities.
Since cybercriminals prize new threats...
Advanced endpoint protection (AEP) products are still relatively immature, which makes it difficult to decide whether to replace or augment existing endpoint protection (EPP). Adding to the difficulty in assessing AEP products is the fact that measuring some of their features can be complicated.
AEP products are...
Despite significant investments in the signature-based defenses of today's network, email and endpoint security solutions, since 2010, these solutions have been ineffective against the sheer volume of evolving malware. Security and risk professionals have turned to automated malware analysis (AMA) for help. These...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.