DDoS attacks have grown in sophistication. But so have organizations' dependencies on the services disrupted by DDoS, says Corero's Ashley Stephenson. How should security leaders respond to protect their critical services?
Organizations across all industry sectors understand the importance of information security. But turning security awareness into meaningful action - that's the challenge that many midsized entities face, says Sophos' Nick Bray.
Cloud-based advanced threat protection helps organizations detect sophisticated malware that is able to bypass existing security measures. The key is to start with the premise that the network is already infected, says Seculert's Dudi Matot.
Organizations and security threats have changed dramatically, but many information security strategies have not - and that is a huge problem, says SafeNet's Jason Hart.
Understanding the behavior patterns of individuals with access to an organization's most important credentials is one of the keys to privileged management, says CyberArk's Matt Middleton-Leal.
On the technical side, authentication is much the same as it was years ago. But the way consumers are using two-factor authentication products has dramatically changed, says Vasco's Jan Valcke.
When considering security products, companies need to run test scenarios to make certain the product can handle their type of traffic, says Ixia's Richard Favier.
A new study from Neustar shows DDoS attacks in the United Kingdom are often used as a smoke screen for malware attacks or theft, says security specialist Susan Warner.
The key to creating secure applications is choosing the right open source components and carefully monitoring them to ensure they remain free of defects, says Sonatype's Wai Man Yau.
New technology enables organizations to protect applications against reverse engineering and tampering by cybercriminals, says Arxan Technologies' Mark Noctor, who explains how the approach works.
"If you're not doing the right things on managing vulnerabilities, it doesn't really matter what other kinds of sophisticated things you do - that's the baseline for security," says BeyondTrust's Marc Maiffret.
Cloud-based "testing-as-a-service" and "security-as-a-service" platforms can make security more accessible to smaller organizations, says Spirent's Brian Buege.
As cyber-attacks become more common, organizations must devise new ways to shorten response times and lessen the impact, says Paul Nguyen of CSG Invotas.
The best way to detect whether hackers have penetrated an IT system is to examine outbound traffic, says Eric Cole, the latest inductee to the Infosecurity Europe Hall of Fame.
A George Mason University research fellow says the cybersecurity framework, issued earlier this year by the National Institute of Standards and Technology, is likely to cause more problems than it solves.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.co.uk, you agree to our use of cookies.
