As recent breaches attest, today's approaches to cybersecurity are insufficient. Kim DeCarlis of Gigamon offers her views on what organizations must do differently to ensure stronger cybersecurity postures.
Eduard Goodman, global privacy officer of CyberScout, doesn't like the disorganized way most cyber incidents are handled now. Instead, he would like to see a more project management approach. Here are the benefits he foresees.
With the rise of P2P payment networks and the U.S. working toward a real-time national payments network, the push is on to battle fraudsters. Also, attackers are hacking legitimate websites to more stealthily distribute "Gandcrab" crypto-locking ransomware.
The Gandcrab ransomware has been a moving target. Since it was discovered in January, it quickly became one of the most widely distributed file-encrypting malware programs. Researchers with Cisco say they've now found it seeded within legitimate websites, making its spread tougher to stop.
DDoS attacks are morphing from being political statements to a diversion while other forms of attacks are occurring, says Arbor Network's Mike Boose, who describes new threat vectors and best practices for mitigation.
When it comes to fraud, enterprise data has a story to tell, and it's up to security and fraud leaders to know how to interpret that story. Jim Apger of Splunk discusses reading and reacting to these stories.
Adequately tracking the nonstop arrival and departure of officials in the Trump White House might require real-time, multidimensional flowcharts. But one thing is clear: The White House is facing a looming cybersecurity knowledge and expertise deficit, and that deficit may soon get worse.
Security alert: Microsoft has issued updates to fix 67 unique flaws in its products. One vulnerability in Windows VBScript engine is already being actively exploited in the wild via malicious Word documents and could also be employed for attacks via websites and malvertising, Microsoft warns.
Critical infrastructure, including electricity grids and telecommunications networks, is under attack. Optiv's Brian Wrozek discusses the challenges CISOs face in dealing with increasingly connected industrial devices.
Spectre and Meltdown: It's déjà vu all over again as Intel is reportedly prepping a coordinated vulnerability disclosure announcement for eight new speculative execution flaws. One of the new flaws is apparently worse than any of the three Spectre/Meltdown variants that came to light in January.