January 31, 2017 Added by:Donato Capitella
The FriendFinder Network breach is a perfect example of how poor password storage can exacerbate the impact of a breach and expose accounts to further exploitation.
October 12, 2016 Added by:Vanishree Rao
While differential privacy is a promising tool, implementing and deploying it while retaining the privacy of end-to-end encryption is challenging.
August 11, 2016 Added by:Joe Levy
Although the FBI no longer needs to force Apple to unlock an iPhone that belonged to one of the San Bernardino terrorists, the debate must continue. Strong encryption that cannot be exploited by external or internal actors is a must for any organization.
May 09, 2016 Added by:Vanishree Rao
Thanks to digital preferences of millennials, increased digitization and cloudification will drive the demand for cloud security products and services.
April 22, 2016 Added by:Vanishree Rao
End-to-end encryption does not solve the problem, despite the common perception that it is the holy grail of instant-messaging security. It is necessary that service providers shift their attention toward non-traditional key-derivation mechanisms to close the loophole.
April 12, 2016 Added by:Yotam Gutman
Third party email cloud application could expose the organizations data since employees now have the ability to grant applications access to their corporate information
March 14, 2016 Added by:Mark Parker
Unfortunately, while the popularity of March Madness (the NCAA Basketball Tournament) has grown exponentially, nearly every facet of any employee’s involvement with the event could open up the employee, as well as the organization, to a number of cyber risks.
February 17, 2016 Added by:Dan Lohrmann
With the surging growth in cyberspace, new technologies, Wi-Fi, apps, robots, drones, terrorists with social media accounts, the Internet of Things (IoT) and nation-state hacking, online data security has become the Achilles’ heel of the Internet. A growing number of people want to know about new apps available for their smartphones and their data in the cloud – along with the upcoming securit...
December 21, 2015 Added by:Dan Lohrmann
Beyond cyber war and the good guys having the right tools to catch the bad guys, there can be a tendency to ignore “more mundane” acceptable use directives. That is, security staff can download copyrighted material (movies and games), view porn at work, look at information that is private (like promotions, raises or other data from management), “borrow” passwords or delete log files to cov...
December 01, 2015 Added by:Steve Durbin
Organizations worldwide continue to struggle to attract and retain skilled information and cybersecurity professionals. Overcoming this challenge requires a more imaginative, business and people-centric approach to the recruitment of security professionals.
August 04, 2015 Added by:Steve Durbin
Organizations are struggling to cope with the quantum speed and sophistication of global cyber-attacks being carried out by organized cyber-criminal syndicates. Moving forward, businesses need to prepare to be targeted at any time, and any place, by multiple assailants. Organizations that wish to keep pace with these developments, and remain financially viable, need to take action now, or face the...
July 17, 2015 Added by:Rohit Sethi
While static analysis is a very valuable technology for secure development, it is clearly no substitute for building applications with security in mind from the start.
July 06, 2015 Added by:Steve Durbin
Part III in this series looks at the need to institute a cloud assessment process and the four actions that organizations of all sizes can take to better prepare themselves as they place their sensitive data in the cloud.
Hacker to Release Symantec's PCAnywhere Sour... Jerry Shaw on 10-05-2015
PoS Malware Kits Rose in Underground in 2014... on 03-17-2015
New PCI Compliance Study... on 03-17-2015