While security teams continue to add to their threat protection arsenal, they are struggling to keep up with the threats. Security information and event management (SIEM) products, threat analytics platforms, advanced endpoint protection (AEP) products, user entity behavior analytics (UEBA) tools, and incident...
CISOs and security analysts alike complain that security information and event management (SIEM) technology has not fully lived up to its promises. Even with SIEM systems in place, enterprises still suffer from alert fatigue, and security teams armed with SIEM event and flow data still miss untold numbers of attack...
Our objective, as the industry's largest global media organization, is to bring you the most important bits from the conference, whether you attended the event or are experiencing the content now for the first time. Call this the Best of RSA Conference 2017.
Attackers are increasingly targeting mobile channels, driving banks to seek better ways of verifying the authenticity and integrity of not just users, but also mobile devices and transactions, says John Gunn of cybersecurity technology firm Vasco Data Security.
Paid breach notification site LeakedSource has disappeared. Given the site's business model - selling access to stolen credentials to any potential buyer - breach notification expert Troy Hunt says the site's demise is no surprise.
New ransomware circulating via BitTorrent is disguised as software that purports to allow Mac users to crack popular Adobe and Microsoft applications. Separately, new ransomware calling itself Trump Locker appears to be the previously spotted VenusLocker ransomware in disguise.
Emerging insider threats have quickly proven that the proverbial "walled garden" is not so walled after all, and without true end-to-end encryption, insiders and outsiders can compromise sensitive data, says Dr. Phillip Hallam-Baker of Comodo Group.
Through a technique known as "retrospection," organizations can replay attacks, going back to scan their networks for malware identified after their networks were infected, says Ramon Peypoch of Protectwise.
Every year, information security professionals flock to San Francisco for the annual RSA Conference. From the debut of "Trumpcryption" to cybersecurity's "greatest hits" set to hip-hop violin, here are some of the 2017 event's highlights.
Staying current in threat detection is key, which is why more security companies need to embrace a more open way of thinking when it comes to solutions integration, says Christopher Kruegel, CEO of Lastline.
As more IoT devices are compromised to wage large-scale attacks, related litigation and regulatory scrutiny will grow, which means device manufacturers - and users - could be held more accountable, says Richard Henderson, global security strategist at Absolute.
Risk analysis is at the core of most card fraud prevention platforms used today, says Carol Alexander of CA Technologies. But what if the industry could take the lessons it's learned to other channels, enabling banking institutions to more readily identify potentially fraudulent transactions before they happen?
Organizations are increasingly turning to user behavioral analytics to help more quickly detect new attacks - emanating from inside or outside the enterprise - as well as mitigate those threats, says CA's Mark McGovern.
Because most malware is spread via phishing, experts at Webroot are focusing their attention on stopping phishing attacks before they have a chance to infect a system with malicious code, says David Dufour, the company's senior director of engineering and cybersecurity.