Organizations are realizing they need to do more to protect access to their privileged accounts and systems. However, they are missing the mark when assembling a privileged access management strategy. Either their focus is too narrow, or they are looking at the "bells and whistles" of new technology, such as...
The booming interest and sometimes surging values of cryptocurrencies are drawing the interest of cybercriminals on a scale never seen before - including attacks aimed at trying to steal computing power to mine cryptocurrency.
As a long-time security leader, Qualys CISO Mark Butler has watched the evolution of security tools and platforms. The best-of-breed approach still has value, but also has failed us, he says. How can automation and orchestration provide new business value?
Leading the latest edition of the ISMG Security Report: Inside the darknet marketplaces that serve cybercrime-as-a-service buyers and sellers. Also, why the healthcare sector remains so bad at detecting data breaches and blocking ransomware.
As threats and attacks become more frequent, the alerts and alarms to be investigated become more unmanageable. Plus, by the time the warnings are checked, the damage may already be done. We need a new paradigm that moves the enterprise from reactive to predictive. Can user behavior analytics and machine learning...
This monthly Security Agenda will highlight some of the most recent additions to our course library. This month's edition features Christiana Care's Anahi Santiago on 2018 risk management priorities. Another influencer, Lewin and Associates' Dr. Jack Lewin discusses the latest medical device security threats. This...
The U.S. government's idea to take the reins of the development of 5G mobile networks has been met with cynicism and criticism. But there are goods reasons the government is worried: Standards haven't been set in stone yet, and 5G will present a bevy of new security challenges. Here are some of them.
As big-data analytics matures, it will play a bigger role, but security information and event management software, or SIEMs, will also remain essential, contends Gary Warner, director of research in computer forensics at the University of Alabama at Birmingham.
After two years on the sidelines, watching what he calls the expansion of "cyber insurgency," Tom Kellermann declares himself "back on the field" as chief cybersecurity officer at Carbon Black. How have threats evolved, and what is his hands-on mission?
Cyberattacks have increased in both number and severity over the past few years. The press has focused primarily on ransomware attacks. It makes sense: some research has shown that ransomware will cost roughly $5 billion USD in 2017 alone.
While ransomware has received the majority of the press, other cyberthreats...
One of the hottest debates in IT service management at the moment is whether or not to pursue "Managed Security Service Provider" (MSSP) status. This is largely caused by a lack of clarity over what the name means, whether it is beneficial to use it, or whether customers are even concerned about the distinction...
With the explosive growth of the internet of things, and the increasing threat posed by botnets that leverage IoT, more must be done to ensure IoT devices include security by design, says David Holmes, principal threat researcher at F5 Networks, who offers a strategy.
The White House, fearing China is spying on phone calls, has suggested that the U.S. government take a primary role in marshaling the development of secure 5G networks. But would nationalizing 5G networks make them more secure?
How bad does a third-party fix have to be for Microsoft to issue a rare, weekend update that helps IT administrators disable it? A security update from Microsoft allows users to disable a faulty Intel firmware update that can lead to frequent rebooting as well as lost or corrupted data.
Many Malwarebytes users had a busy weekend after a software update led their Windows systems to experience "out of memory" errors, loss of internet access and, in some cases, crashing. The security firm has apologized and issued detailed instructions for reversing the problems and installing its fix.