Australian companies are improving their cybersecurity, but fear the impact that incidents could have on their operations. The finding comes from the first-ever cybersecurity survey of Australia's largest companies.
Bryce Austin, a former technology lead at Target during the retailer's massive November 2013 breach, says the role of the CISO needs to evolve, ensuring that cybersecurity is balanced with the overall needs of the company. He claims tying the CISO's performance to the company's revenue is the best way to do that.
Good news for Microsoft Windows users: The Equation Group exploit tools dumped this month by Shadow Brokers don't work against currently supported versions of Windows, largely thanks to patches Microsoft released in March. But who tipped off Microsoft?
This paper identifies key requirements of a flexible security framework, and explores how enterprises can use APIs to extract signals that enhance their existing security ecosystem.
Download the Framework for Resilient Cybersecurity and learn how to:
Evaluate the threat landscape;
Choose the right security tools...
Too many businesses assume that the internet will be around forever, but that's faulty thinking and an impractical business practice, says Information Security Forum's Steve Durbin, a featured speaker at Information Security Media Group's Fraud and Breach Prevention Summit in Atlanta this month.
Bryce Austin is a certified chief information security manager who weathered the storm as a senior group manager at Target during the retailer's November 2013 breach - a breach that resulted in the exposure of 40 million payment cards and personally identifiable information linked to an additional 70 million...
When it comes to the motivations driving Eastern European cybercriminals, "pseudo-anti-Americanism" is big, says Vitali Kremez, a researcher with intelligence firm Flashpoint who regularly infiltrates cybercrime forums.
More than 60,000 servers running Microsoft's out-of-support IIS 6.0 server software may be vulnerable to a newly revealed zero-day exploit. No patch will be produced, but a workaround can blunt an attack.
As the threat landscape evolves, with risks exposed by newer technologies and commoditization of attack infrastructure, the motives of targeted attackers may also be evolving as they try new ways to influence change in an increasingly digital world.
The 2017 Magic Quadrant summarizes Gartner's yearly analysis of the Data Loss Prevention (DLP) market, examines the innovations driving that market and compares the positions of leading competitors.
Download the report to learn about:
DLP vendor evaluations, including strengths and cautions;
The Enterprise Data...
Since March 2016, the OCR has been increasingly aggressive in bringing enforcement actions against healthcare organizations who have had PHI compromised through data breaches.
Get this guide to learn the important aspects of the Health Information Portability and Accountability Act (HIPAA) and how an appropriate...
InfoSec professionals will perennially be challenged with more to do than time, budget, and staffing will allow. The most effective method to address this is through prioritization, and in the case of your growing data, prioritization comes from data classification.
In this guide you will learn what classification...
With the rapid changes in the threat landscape and the risks introduced by DevOps, the cloud and other new elements, organizations need to have a continuous vulnerability assessment program as a security baseline, says Richard Bussiere of Tenable Network Security.
The security landscape changed dramatically with the maturation of crypto-ransomware. Not only did this new type of malware bring about a more lucrative business model for attackers, it also spurred the adoption of many so-called 'next-gen' endpoint security techniques.
While these techniques bring impressive new...