The U.S. Securities and Exchange Commission is planning to update its 6-year-old cybersecurity guidance for how publicly traded firms report data breaches to investors. Experts expect the refined guidance to cover insider trading program rules, breach notifications and business models.
In the Face of Advanced Threats, is Your Organization's Security Posture Reactive or Proactive?
Today's most advanced threat actors - whether external or internal - are stealthier than ever and able to hide within one's systems for days, weeks or even months as they gather intel and prepare to strike. Sixty-one...
If you want to anticipate a prospective hacker's moves, then you'd better be able to think like one. Whether corporations like it or not, they're actually being tested by cyber criminals as we speak.
Download this whitepaper on ethical hacking and learn:
The definition of then term "cyologist";
Why we need to...
A recently published 2017 survey of over 400 security professionals in the U.S., U.K. and Germany measured how well their organizations implemented security controls for SSH keys. The results show that most organizations are underprepared to protect against SSH-based attacks, with fewer than half following industry...
SSH keys provide the highest level of access rights and privileges for servers, applications and virtual instances. Cyber criminals want this trusted status and invest considerable resources into acquiring and using SSH keys in their attacks.
Even though SSH keys are the credentials that provide the most privileged...
With just a few months left until the EU's General Data Protection Regulation will be enforced, too many so-called "experts" are spreading fear and falsehoods about the regulation, says Brian Honan, a Dublin-based cybersecurity consultant, who clarifies misperceptions in an in-depth interview.
The latest ISMG Security Report features a special report on securing medical devices. Healthcare security leaders from the FDA, an academic medical center and a medical device manufacturer share their insights on the challenges involved.
2016 was a year where more was more in the security world. The implications of the unprecedented leaks of comprehensive data sets, from political to intellectual property concerns, will have major impacts on the security landscape for years to come.
Download this whitepaper and learn:
Why classic attack vectors...
Are unpatched vulnerabilities leaving you at risk?
At the rate of almost half of all attack types, hackers are using injection attacks to take advantage of vulnerabilities in operating systems and applications to penetrate networks and databases.
Download this whitepaper and learn:
How attackers are using...
With both money and personal information at stake, financial services organizations continue to be a magnet for cybercrime.
Download this whitepaper and learn about:
Notable attacks against financial institutions in 2016;
Prevalent methods of attack utulized by cybercriminals;
Best practices for banks to...
If you want to anticipate a prospective hacker's moves, then you'd better be able to think like one. That's the position of Terry Cutler, an ethical hacker who dedicates his time to testing organization's cybersecurity defenses - and their people.
U.S. government agencies now find themselves having to comply with Binding Operational Directive 18-01 to enhance email and web security. But what are the immediate tasks for agencies to undertake?
Download this eBook on enhancing email and web security and learn about:
The toughest compliance task facing...
We all see the headlines about high-profile breaches that started because of a phishing exploit. But how severe is the global email infiltration problem?
90 percent of data breaches investigated by the secret service, law enforcement, and forensic companies start from an email infiltration, according to the the...