Automated threat intelligence sharing can significantly reduce the amount of time it takes organizations to identify, assess and react to attacks, according to new research from Johns Hopkins. Mark Clancy, CEO of Soltra, says automated information sharing with government and other sectors is catching on.
The nonstop pace of "Apple vs. FBI" updates and related crypto debates seemed to exceed both the U.S. government's and the information security industry's advanced persistent spin-cycles at this year's RSA Conference.
The Internal Revenue Service has temporarily deactivated an online PIN-retrieval tool meant to prevent stolen Social Security numbers from being used to file fraudulent returns after finding that hackers had successfully subverted the system.
Blockchain technology used by bitcoin and other cryptocurrencies offers opportunities for enhanced authentication and ID management, as well as cross-border money remittances, says Ben Knieff of the consultancy Aite. But he contends it's not clear that the technology could play a role in faster payments.
The Justice Department's appeal of a court order that the government can't compel Apple to unlock an iPhone used by an accused drug dealer is significant because it sets in motion a process that could lead to a Supreme Court ruling on whether mobile device makers must give law enforcement an encryption backdoor.
For years, Wade Baker was one of the main forces behind the industry's most noted data breach investigations report. Now, as vice president of strategy and analytics at ThreatConnect, he has the chance to practice the lessons he's learned, as he explains in this video interview.
The big companies make the big headlines, but the midsized entities are really the growing attack targets, says Dick Williams, CEO of Webroot. In this video interview, he discusses how new tools and services are serving this expanding market.
DDoS attacks are on the rise, and they come across multiple vectors. In this video interview, Paul Nicholson of A10 Networks describes how organizations can defend against DDoS - and why SSL traffic inspection is a must.
More cybercriminals are adapting their attack techniques, using compromised credentials linked to privileged accounts to invade networks and systems, according to researchers at Dell SecureWorks, who describe an open source solution that can help mitigate the threat.
Threat response is a lot like physical fitness. Enterprises know what they need to do - they often just opt not to do it. RSA's Rashmi Knowles offers advice for how to move from threat prevention to response.
The security industry has been too focused on managing identities - and not focused enough on privileged access, says Andy Vallila of Dell Security Solutions. In this video interview, he discusses the level of visibility organizations need for privileged accounts.
Malwarebytes has long been a force in the consumer space, but now its focus is on enterprise breach remediation. In this video interview, Pedro Bustamante explains the enterprise strategy and discusses proactive malware hunting.
Unlike other security and breach reports, Verizon's Data Breach Digest is a collection of data breach investigation case studies from around the world. Verizon's Ashish Thapar elaborates on findings from this digest.
Apple's standoff with the U.S. government is creating a healthy debate about whether federal investigators, under certain circumstances, should have the right to circumvent the security functions of smartphones and other devices, says cybersecurity attorney Chris Pierson.