The "Energetic Bear," a.k.a. "Dragonfly," hacking campaign targets U.S. and Western European energy firms. While the hackers appear to be backed by Russia, the purpose of their attacks remains unclear.
Many IT security practitioners see their work as a game, one in which they try to outsmart attackers, says Eric van Ommeren, co-author of the just-published book, Staying Ahead in the Cyber Security Game:
What Matters Now.
To protect their privacy, organizations should get their IT security staffs involved in vendor-requested audits conducted to verify software licensing agreement compliance, says Gartner Research Director Victoria Barber.
Could too much regulatory oversight hinder cyberthreat information sharing, rather than encourage it? That's an increasing concern for bankers, who argue regulators could bog down progress in cybersecurity.
The Obama administration has reached a deal with EU representatives, pending Congressional approval, to give EU citizens the right to file lawsuits, in certain circumstances, if the U.S. has violated their privacy rights.
Under assault by advanced threats, organizations must change their approach, says Damballa's Stephen Newman. Detection is out; response is in. How do organizations deal with 'a constant state of infection?'
As Keith Alexander tells it, when he led the National Security Agency, he didn't exist. Alexander discovered that 'fact' after he retired on May 21 as director of the NSA and commander of the Cyber Command and began shopping to buy a new home.