Applying a "zero trust" model is fast becoming essential for organizations as the mobile workforce uses a variety of devices to access applications and services running in-house and with external providers, says Duo Security's Jaret Osborne.
Mike Krygier of the New York City Cyber Command outlines threats to connected cities and critical infrastructure, including ransomware, and what steps can be taken to mitigate risks
Artificial intelligence and machine learning must be judiciously used, such as when monitoring internet of things devices, says David De Roure, professor of e-research at the University of Oxford, who offers insights on IoT risk management.
A federal grand jury indictment of Seattle software engineer Paige A. Thompson charges her with stealing 100 million records from Capital One, stealing data from at least 29 other organizations, as well as using hacked cloud computing servers to mine for cryptocurrency.
Security firm Imperva is notifying some of its Cloud Web Application Firewall customers about a "security incident" that exposed certain data, CEO Chris Hylen reports in a blog post. What risks does the exposure create?
French police say they've disrupted the operations of the Retadup malware gang by subverting attackers' command-and-control infrastructure to delete the malicious code from 850,000 infected PCs and servers worldwide. The move came after police received a tip and technical assistance from security firm Avast.
Network detection and response, endpoint detection and response, and SIEM are the "visibility triad" of critical data sources for effective threat hunting and incident response, says Matt Cauthorn of Extrahop, who explains why.
Within a month, the U.S. Department of Homeland Security hopes to launch a program to help states protect voter registration databases and systems in advance of the 2020 presidential election. Security experts say that in light of recent ransomware attacks against units of government, the effort is overdue.
Apple released a patch on Monday that fixes a bug it accidentally reintroduced in a previous patch update. The flaw allowed iOS enthusiasts to jailbreak their up-to-date devices, but also could have been put to malicious use by hackers.
F. Ward Holloway of Forescout Technologies sorts through what he sees as common misconceptions about the "zero trust" approach to security, including the assumption that it can prove to be too costly and complex to implement.
Today's machine-speed attacks require an autonomous machine-speed response to mitigate the risk, says David Masson of Darktrace, who offers strategic insights.
When crafting an identity and access management strategy, organizations need to balance the need for improved security with giving employees the freedom they need to do their jobs, says John Bennett of LastPass by LogMeIn.
More organizations are applying a highly automated "zero trust" model to ensure that they only give the right amount of privilege to the right user for the right amount of time, says Markku Rossi, CTO of SSH Communications Security.
The decline of the network perimeter as the cornerstone of enterprise cybersecurity means that CIOs and CISOs are increasingly focusing on identity to ensure that only the right people connect to systems, says Okta's Clare Cunniffe.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.