Data security and privacy
Secure data storage, data loss prevention and encryption are must-have components of any enterprise security strategy, especially as data threats and breaches become increasingly common. Get advice on these topics, along with the latest data security strategies, data backup and recovery info, and more.
Top Stories
-
Feature
19 Dec 2024
10 cybersecurity predictions for 2025
AI will still be a hot topic in 2025, but don't miss out on other trends, including initial access broker growth, the rise of vCISOs, tech rationalization and more. Continue Reading
By- Kyle Johnson, Technology Editor
-
Answer
19 Dec 2024
How bad is generative AI data leakage and how can you stop it?
Mismanaged training data, weak models, prompt injection attacks can all lead to data leakage in GenAI, with serious costs for companies. The good news? Risks can be mitigated. Continue Reading
By
-
Guest Post
25 Jan 2021
4 ways to minimize the risk of IT supply chain attacks
Mark Whitehead breaks down the importance of taking a zero-trust cybersecurity approach when it comes to protecting networks and data accessible by third-party partners. Continue Reading
By- Mark Whitehead
-
Guest Post
22 Jan 2021
Standardize cybersecurity terms to get everyone correct service
Some cybersecurity terms can refer to multiple service offerings, which can be confusing for companies looking to implement them as well as the companies providing them. Continue Reading
By- Nabil Hannan
-
News
19 Jan 2021
Malwarebytes breached by SolarWinds hackers
Malwarebytes, which is not a SolarWinds customer, confirmed that nation-state actors used an entirely different vector to breach the antimalware vendor and access internal emails. Continue Reading
By- Arielle Waldman, News Writer
-
Guest Post
19 Jan 2021
Combine ML with human intelligence for your security strategy
As hackers target the ever-increasing complexity of company networks, enterprises need to find a balance between machine learning and human intelligence when protecting systems and data. Continue Reading
By- Rohit Dhamankar
-
Feature
29 Dec 2020
Editor's picks: Top cybersecurity articles of 2020
As the year no one could have predicted comes to a close, SearchSecurity takes a 30,000-foot view of the cybersecurity trends and challenges that defined the last 12 months. Continue Reading
By- Katie Donegan, Social Media Manager
-
Feature
22 Dec 2020
Enterprise cybersecurity threats spiked in 2020, more to come in 2021
After an unprecedented year from an enterprise cybersecurity threat standpoint, security leaders are preparing for growing number and sophistication of attacks in 2021. Continue Reading
-
Feature
04 Dec 2020
Security operations center use cases, strategies vary
More CISOs are turning to security operations centers to centralize infosec processes, but experience shows SOC use cases will depend on the organization's infosec objectives. Continue Reading
- E-Zine 02 Nov 2020
-
Feature
27 Oct 2020
Zero-trust methodology's popularity a double-edged sword
The authors of 'Zero Trust Networks' discuss how the zero-trust methodology's popularity produces both vendor hype and renewed attention to critical areas of security weakness. Continue Reading
By- Katie Donegan, Social Media Manager
-
News
16 Oct 2020
Twitter hackers posed as IT staff, used VPN issues as a lure
A report by New York State's Department of Financial Services found that hackers breached Twitter's network by posing as IT support and obtaining credentials through vishing. Continue Reading
By- Alexander Culafi, Senior News Writer
-
Tip
08 Oct 2020
Weighing double key encryption challenges, payoffs
Microsoft's new double key encryption offering brings data security and compliance benefits. Are they worth the implementation challenges? Continue Reading
By- Mike Chapple, University of Notre Dame
-
Guest Post
05 Oct 2020
Developing a cyber resilience plan for today's threat landscape
A cyber resilience plan should complement a company's cybersecurity strategy so that the security culture and cyber hygiene is thought through in all IT and cybersecurity initiatives. Continue Reading
By- Vishal Salvi
-
Tip
30 Sep 2020
What are the top secure data transmission methods?
Safe information transfer is a must for modern organizations, but not all secure data transmission methods are equal. Explore your secure data transfer options in this tip. Continue Reading
By- Michael Heller and Chris Apgar
-
News
24 Sep 2020
Shopify discloses data breach caused by insider threats
Canadian e-commerce company Shopify disclosed a data breach involving two insider threats, but questions remain about the breach and how it was discovered. Continue Reading
By- Alexander Culafi, Senior News Writer
-
Tip
22 Sep 2020
Format-preserving encryption use cases, benefits, alternative
With format-preserving encryption, a ciphertext's format is the same as its plaintext's. Read up on the benefits of this cryptography method, NIST FPE methods, vendors and more. Continue Reading
By -
Guest Post
15 Sep 2020
How to protect companies from business email compromise
Research shows that business email compromise attacks continue to proliferate as threat actors continue to see success. Here are a few ways to protect your company. Continue Reading
By- Justin Brecese
-
News
31 Aug 2020
The Uber data breach cover-up: A timeline of events
The criminal charges against former Uber CSO Joe Sullivan were the latest development in the ongoing scandal over the ride-sharing company's concealment of a 2016 data breach. Continue Reading
By- Rob Wright, Senior News Director
-
News
21 Aug 2020
Former Uber CSO charged over 'hush money' payment to hackers
Joe Sullivan, who was fired by Uber in 2017, was charged by federal prosecutors for allegedly covering up a massive 2016 data breach at the ride-sharing company. Continue Reading
By- Rob Wright, Senior News Director
-
Feature
11 Aug 2020
Security team analyzes data breach costs for better metrics
Security researchers discuss their findings on misleading and incorrect data breach cost metrics and share how breach reporting and information sharing can help all organizations. Continue Reading
By- Michael Heller, TechTarget
-
News
04 Aug 2020
Twitter breach raises concerns over phone phishing
The alleged mastermind behind the Twitter breach has been arrested, and the method of social engineering attack has also been revealed: phone phishing, or vishing. Continue Reading
By- Alexander Culafi, Senior News Writer
- Arielle Waldman, News Writer
-
Feature
03 Aug 2020
Security pros explain how to prevent cyber attacks
Even during pandemics, hackers use malware such as ransomware and phishing to exploit an organization's vulnerabilities. IT security pros discuss how they prevent cyber attacks. Continue Reading
-
Feature
31 Jul 2020
Security issues with working remotely (and how to fix them)
With companies continuing work from home for the foreseeable future, Rohit Dhamankar offers home security advice to help security teams and employees address security issues with working remotely. Continue Reading
By- Rohit Dhamankar, Guest Contributor
-
News
29 Jul 2020
IBM: Compromised credentials led to higher data breach costs
The average total cost of a data breach is $3.86 million, according to new research from IBM and the Ponemon Institute, and compromised credentials are the biggest reason why. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
23 Jul 2020
Microsoft unveils new DLP, 'Double Key Encryption' offerings
Microsoft revealed new security products and features this week, including an Endpoint Data Loss Prevention product as well as "Double Key Encryption" for Microsoft 365. Continue Reading
By- Alexander Culafi, Senior News Writer
-
Feature
21 Jul 2020
Complexity exacerbates cloud cybersecurity threats
As cloud becomes intrinsic to IT, shifting roles have led to some risks being overlooked. But companies are getting smarter about alleviating cloud cybersecurity threats. Continue Reading
-
News
20 Jul 2020
Twitter breach caused by social engineering attack
Twitter was breached last Wednesday though a social engineering attack. Forty-five accounts were hijacked and up to eight accounts may have had their private messages stolen. Continue Reading
By- Alexander Culafi, Senior News Writer
-
Podcast
17 Jul 2020
Risk & Repeat: Twitter breach leads to account hijacking
This week's Risk & Repeat podcast discusses how threat actors gained access to Twitter's internal systems and hijacked the accounts of Jeff Bezos, Bill Gates and others. Continue Reading
By- Rob Wright, Senior News Director
-
News
15 Jul 2020
Citrix data exposed in third-party breach
Citrix CISO Fermin Serna said a third-party organization is investigating a data breach after some of the vendor's customer data ended up on a dark web marketplace. Continue Reading
By- Arielle Waldman, News Writer
-
News
16 Jun 2020
Repeat ransomware attacks: Why organizations fall victim
Some organizations get hit with ransomware multiple times. Threat researchers explain why repeat attacks happen and how victims can prevent it from occurring again. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
10 Jun 2020
Maze ransomware builds 'cartel' with other threat groups
Operators behind the Maze ransomware posted data leaks from competing ransomware gangs to their victim shaming website, suggesting they have joined forces. Continue Reading
By- Arielle Waldman, News Writer
-
Feature
05 Jun 2020
A case for both cybersecurity detection and prevention tools
Companies need both detection and prevention cybersecurity tools to effectively keep data and employees safe from attackers. Just one or the other isn't enough. Continue Reading
By- Rohit Dhamankar, Guest Contributor
-
News
29 May 2020
Cisco servers breached through SaltStack vulnerabilities
Threat actors exploited critical SaltStack flaws, which were disclosed and patched last month, in a Cisco product to breach several of the networking company's salt-master servers. Continue Reading
By- Alexander Culafi, Senior News Writer
-
Feature
29 May 2020
How security testing could change after COVID-19
As companies look to bring employees back into the office, security teams must consider how to handle security testing due to initial remote work deployments and shadow IT. Continue Reading
By- Mark Whitehead, Guest Contributor
-
News
19 May 2020
Verizon DBIR: Breaches doubled, but plenty of silver linings
The 2020 Verizon Data Breach Investigations Report showed the number of confirmed breaches last year nearly doubled, but it also highlighted some positive trends. Continue Reading
By- Arielle Waldman, News Writer
-
News
12 May 2020
Q1 data breaches down, but exposed records reach new high
Threat intelligence firm Risk Based Security released its 2020 Q1 Report, which shows a 273 percent increase in exposed records and 42 percent decrease in publicly reported breaches. Continue Reading
By- Arielle Waldman, News Writer
-
Tip
05 May 2020
How data loss prevention strategies benefit from UBA
Data loss prevention strategies require unique insight into user activity. Can user behavior analytics capabilities benefit threat management and breach detection? Continue Reading
By- Kevin Tolly, The Tolly Group
-
News
05 May 2020
Critical SaltStack vulnerabilities exploited in several data breaches
SaltStack patched two critical vulnerabilities in its software last week, but hackers used the flaws over the weekend to breach several unpatched networks and systems. Continue Reading
By- Rob Wright, Senior News Director
- Arielle Waldman, News Writer
-
Feature
28 Apr 2020
Utilize SMB security tools to work from home safely
With the global pandemic forcing enterprise workers home, SMB security tools can provide necessary protection for newly built home offices in order to keep business moving. Continue Reading
By- Kevin Tolly, The Tolly Group
-
Tip
06 Apr 2020
Using AIOps for cybersecurity and better threat response
AIOps platforms, when properly tuned, can benefit all of IT in important ways. Learn how these advanced security tools improve threat detection and response in myriad ways. Continue Reading
By- Andrew Froehlich, West Gate Networks
-
Feature
31 Mar 2020
Will nonprofit's evolution of zero trust secure consumer data?
An Australian nonprofit aims to deliver an improved security protocol through what it calls a 'true zero-trust custody layer.' Will the protocol improve consumer data protection? Continue Reading
-
Feature
26 Mar 2020
Explore 7 data loss prevention tools for utmost security
Explore how DLP products secure enterprise data and these seven specialized vendors that provide protection through varying installation, platforms and features. Continue Reading
By- Kevin Tolly, The Tolly Group
-
News
24 Mar 2020
Canon breach exposes General Electric employee data
Canon Business Process Services was breached last month, according to an announcement by General Electric, which used Canon for employee document processing. Continue Reading
By- Alexander Culafi, Senior News Writer
-
Infographic
13 Mar 2020
Analyzing the top 2019 data breach disclosures: Hindsight in 2020
Make 2020 the year your company keep its resolution to avoid a data breach. Experts offer lessons learned from the top 2019 data breaches to help stay secure in the year ahead. Continue Reading
By- Katie Donegan, Social Media Manager
- Sharon Shea, Executive Editor
-
Tip
28 Feb 2020
6 cybersecurity strategies to solidify personal data protection
As consumers add more connected devices to personal networks, cybersecurity risk is hitting close to home. Here are steps individuals can take to ensure personal data protection. Continue Reading
By- Daniel Allen, N2 Cyber Security Consultants
-
Feature
28 Feb 2020
Cyberinsurance coverage reflects a changing threat landscape
A constant deluge of data breach disclosures has prompted an increase in cybersecurity insurance coverage adoption. Learn how a policy can enhance an enterprise risk management program. Continue Reading
By- Katie Donegan, Social Media Manager
-
Tip
19 Feb 2020
Who wins the security vs. privacy debate in the age of AI?
When trying to maintain balance between security and privacy in an AI-enabled world, who decides which side should tip and when? So continues the security vs. privacy debate. Continue Reading
By- Ashwin Krishnan, StandOutin90Sec
-
Podcast
05 Feb 2020
Risk & Repeat: 2019 data breaches in review
This week's Risk & Repeat podcast looks at some of the biggest data breach disclosures from the second half of 2019 and discusses the trends around these incidents. Continue Reading
By- Rob Wright, Senior News Director
-
Infographic
03 Feb 2020
Data breach costs hit hard; where are you most vulnerable?
Breaking down the cost of a data breach isn't for the faint of heart. But with millions of dollars on the line for a single event, companies also need to have their eyes wide open. Continue Reading
- 03 Feb 2020
-
News
30 Jan 2020
Payment cards from Wawa data breach found on dark web
Payment card information from customers of the convenience store chain Wawa has reportedly gone up for sale on the dark web, though questions about the breach remain. Continue Reading
By- Alexander Culafi, Senior News Writer
-
Feature
28 Jan 2020
Cryptography basics: Symmetric key encryption algorithms
Scrambling plaintext into ciphertext is essential to ensure data cannot be read or used by the wrong people. Learn the basics of symmetric key encryption algorithms here. Continue Reading
By- Sharon Shea, Executive Editor
- Pearson Education
-
News
21 Jan 2020
2019 data breach disclosures: 10 more of the biggest
Here is a list of 10 of the largest data breaches (mostly) from the second half of 2019, including DoorDash, T-Mobile, Capital One and more. Continue Reading
By- Alexander Culafi, Senior News Writer
-
Tip
21 Jan 2020
Improve data security in the modern enterprise
From growing attack surfaces to new regulations, these data security considerations must be on every company's radar. Continue Reading
By- Ashwin Krishnan, StandOutin90Sec
-
Infographic
21 Jan 2020
Compare container security companies for the best protection
Securing containers can be a challenge when faced with buying the right platform. Discover these container security companies and their capabilities in this graphic. Continue Reading
By- Ed Moyle, Drake Software
-
News
30 Dec 2019
BigID: New privacy regulations have ended 'the data party'
New privacy laws are changing data management practices in the enterprise. BigID co-founder Nimrod Vax discusses the importance of being 'data native' in the era of the CCPA. Continue Reading
By- Alexander Culafi, Senior News Writer
-
Feature
27 Dec 2019
Editor's picks: Most pressing cybersecurity stories in 2019
As the year comes to an end, SearchSecurity takes a bird's-eye view of the sophisticated cyberthreat landscape and how it has changed over the past 12 months. Continue Reading
By- Katie Donegan, Social Media Manager
-
News
19 Dec 2019
Clumio eyes security, BaaS expansion with VC funding
Clumio CTO Chad Kinney and CSO Glenn Mulvaney discuss their company's roadmap and how Clumio addresses ransomware threats in a way that's different from other backup providers. Continue Reading
By- Alexander Culafi, Senior News Writer
-
Feature
17 Dec 2019
Data breach risk factors, response model, reporting and more
Dig into five data breach risk factors, and learn how the DRAMA data breach response model can help enterprises counter breaches in a timely and efficient manner. Continue Reading
By- Sharon Shea, Executive Editor
-
Tip
10 Dec 2019
Use a data privacy framework to keep your information secure
Find out how a data privacy framework gives companies the tools they need to ensure their information is protected -- from both internal and external threats. Continue Reading
By- Kevin Tolly, The Tolly Group
-
Answer
05 Dec 2019
What are best practices for a modern threat management strategy?
Infosec pros need to mitigate traditional cyberthreats, as well anticipate sophisticated, emerging threats. Learn how to build a threat management strategy that helps with both. Continue Reading
By- Andrew Froehlich, West Gate Networks
-
News
05 Dec 2019
Session cookie mishap exposed HackerOne private reports
A security researcher used a mishandled session cookie to access private HackerOne bug reports with an account takeover attack and earned a bug bounty for their efforts. Continue Reading
By- Michael Heller, TechTarget
-
Tip
22 Nov 2019
Building a security operations center with these features
Building a security operations center means understanding the key features you need to ensure your network remains protected against threats. Continue Reading
By- Johna Till Johnson, Nemertes Research
-
Answer
20 Nov 2019
Comparing Diffie-Hellman vs. RSA key exchange algorithms
See which encryption method uses digital signatures, symmetric key exchanges, bulk encryption and much more in this Diffie-Hellman vs. RSA showdown. Continue Reading
By- Sharon Shea, Executive Editor
- Michael Cobb
-
News
12 Nov 2019
How and why data breach lawsuits are settled
For all of the talk about data breach class action lawsuits, virtually none of them reach a courtroom. Here's why and how data breach lawsuits almost always end in settlements. Continue Reading
By- Alexander Culafi, Senior News Writer
-
Answer
22 Oct 2019
The difference between AES and DES encryption
Choosing to encrypt confidential data with AES or DES encryption is an important cybersecurity matter. Learn about the important differences between AES and DES. Continue Reading
By- Ben Cole, Executive Editor
- Mike Chapple, University of Notre Dame
-
Answer
17 Oct 2019
Is a cybersecurity insurance policy a worthy investment?
Variables such as third-party business partners create unique cyberthreats for organizations. Find out when a cybersecurity insurance policy is a wise investment to prevent risk. Continue Reading
By- Andrew Froehlich, West Gate Networks
-
Answer
16 Oct 2019
How should I choose a cybersecurity insurance provider?
To vet potential cybersecurity insurance providers, there are a few questions every customer should ask. Learn more about the questions to ask and how to get the answers you need. Continue Reading
By- Andrew Froehlich, West Gate Networks
-
Answer
15 Oct 2019
What types of cybersecurity insurance coverage are available?
Cybersecurity insurance coverage could prove invaluable to risk mitigation -- if it's chosen carefully. Find out which type of insurance plan is right for your organization. Continue Reading
By- Andrew Froehlich, West Gate Networks
-
News
03 Oct 2019
Zendesk breach in 2016 affected 10,000 customers
Zendesk disclosed a previously undetected security incident from 2016 in which data for 10,000 customer accounts was accessed, but the disclosure is missing some key details. Continue Reading
By- Michael Heller, TechTarget
-
Answer
27 Sep 2019
Should I invest in attack simulation tools?
Attack simulation tools -- along with third-party penetration testing -- can help improve an organization's enterprise security. Find out why. Continue Reading
By- Andrew Froehlich, West Gate Networks
-
Answer
26 Sep 2019
When should I use breach and attack simulation tools?
Thanks to automation and other features, breach and attack simulation tools are an effective way to help network administrators keep their operations secure. Continue Reading
By- Andrew Froehlich, West Gate Networks
-
News
09 Aug 2019
Broadcom-Symantec deal troubles cybersecurity experts
Broadcom laid down a $10.7 billion bet in buying Symantec's enterprise security software. While some are optimistic, security experts predict another Intel-McAfee deal. Continue Reading
By- Ed Scannell, Freelancer
-
News
05 Aug 2019
Capital One hack highlights SSRF concerns for AWS
Infosec pros warn of server-side request forgery vulnerabilities in AWS following the Capital One data breach, which may have revealed an issue regarding the AWS metadata service. Continue Reading
By- Rob Wright, Senior News Director
- Chris Kanaracus
-
News
30 Jul 2019
FBI charges former AWS engineer in Capital One breach
The FBI arrested a former AWS engineer who allegedly stole data for more than 100 million Capital One customers and credit card applications, thanks to a misconfigured firewall. Continue Reading
By- Rob Wright, Senior News Director
-
News
30 Jul 2019
AT&T introduces managed threat detection and response service
Using Alien Labs threat intelligence, AT&T Cybersecurity's Managed Threat Detection and Response service intends to identify and contain cybersecurity threats sooner to reduce data breaches. Continue Reading
By- Sabrina Polin, Managing Editor
-
News
30 Jul 2019
2019 data breach disclosures: 10 of the biggest -- so far
Enterprises have disclosed a number of significant data breaches in the first half of 2019. Here's a look at some of the biggest and most notable breaches so far this year. Continue Reading
By- Rob Wright, Senior News Director
-
Answer
29 Jul 2019
What are the pros and cons of outsourcing IT security?
Companies are facing increased costs when maintaining an internal security group. Outsourcing IT security has its advantages, but there are some challenges to keep in mind. Continue Reading
By- Andrew Froehlich, West Gate Networks
-
News
22 Jul 2019
Equifax to pay up to $700 million in data breach settlement
Under the settlement with the FTC and state attorneys general, Equifax will fork over at least $575 million in civil penalties and provide credit monitoring services to consumers. Continue Reading
By- Rob Wright, Senior News Director
-
Tip
24 Jun 2019
The case for continuous security monitoring
When done correctly, continuous security monitoring provides real-time visibility into an organization's IT environment. Here are the best practices for building a CSM program. Continue Reading
-
Feature
30 May 2019
Dark data raises challenges, opportunities for cybersecurity
Dark data is the data enterprises didn't know they had. Splunk CTO Tim Tully explains where this data is hiding, why it's important and how to use and secure it. Continue Reading
By- Peter Loshin, Former Senior Technology Editor
- E-Zine 01 May 2019
-
Feature
30 Apr 2019
How information sharing can reduce cybersecurity vulnerabilities
Cybersecurity vulnerabilities come from multiple fronts for modern businesses, but information sharing about real-world breaches -- good and bad -- provides valuable intelligence. Continue Reading
By- Ben Cole, Executive Editor
-
News
19 Apr 2019
Forcepoint pushes 'human-centric cybersecurity' approach
During the launch of the Forcepoint Cyber Experience Center in Boston, Forcepoint execs emphasized the need for adopting a new approach to cybersecurity that focuses on the human factor. Continue Reading
By -
Tip
17 Apr 2019
AI, machine learning in cybersecurity focused on behavior
Artificial intelligence, and machine learning in particular, is being fruitfully employed in IT security tools. Learn where this advanced technology works best now. Continue Reading
By- Nick Cavalancia, Techvangelism
-
Tip
16 Apr 2019
A look at security threats to critical infrastructure
Threats to critical infrastructure, like Operation Sharpshooter, should motivate CI sectors to take cybersecurity seriously. Learn about the threats and how to defend against them. Continue Reading
By- Ernie Hayden, 443 Consulting LLC
-
News
15 Apr 2019
New programs released aim to improve Google Cloud security
With the release of programs like Access Transparency, Virtual Private Cloud and GKE Sandbox, Google aims to improve Google Cloud security and identity protection. Continue Reading
-
Tip
28 Mar 2019
Four container security vulnerabilities and how to avoid them
Find out how container security best practices can address the four most common types of container and orchestrator vulnerabilities. Then mitigate threats with the right processes and tools. Continue Reading
By- Johna Till Johnson, Nemertes Research
-
Answer
26 Mar 2019
What is post-quantum cryptography and should we care?
Post-quantum cryptographic algorithms are aimed at securing encrypted data against super-powerful computers in the future, but will they even be necessary? Hanno Böck explains. Continue Reading
By -
News
25 Mar 2019
FEMA data exposure affects 2.3 million disaster victims
FEMA's data exposure is another high-profile example of accidental data disclosures -- a trend that has some security experts calling for more focus on failed security controls. Continue Reading
By- Rob Wright, Senior News Director
-
News
22 Mar 2019
Hundreds of millions of Facebook passwords exposed internally
Facebook learned three months ago that hundreds of millions of passwords were stored internally in plaintext, but it didn't disclose the issue or notify users until the news leaked. Continue Reading
By- Michael Heller, TechTarget
-
Answer
07 Mar 2019
How can I protect my self-encrypting drives?
Dutch researchers discovered flaws in ATA security and TCG Opal affecting self-encrypting drives. What steps can you take to guard data stored on vulnerable solid-state drives? Continue Reading
-
News
26 Feb 2019
Eclypsium: Bare-metal cloud servers vulnerable to firmware attacks
Eclypsium found IBM SoftLayer cloud services are vulnerable to what it calls Cloudborne, which allows threat actors to make small, but potentially deadly firmware changes. Continue Reading
By -
News
21 Feb 2019
CrowdStrike report says breakout time for threat actors is increasing
CrowdStrike's annual global threat report highlights why speed is critical for cybersecurity defenders. Experts sound off on key findings, including the rise of 'big game hunting.' Continue Reading
By -
Answer
12 Feb 2019
Should large enterprises add dark web monitoring to their security policies?
Security expert Nick Lewis says dark web monitoring can help enterprises gather threat intelligence, but enterprises need to understand how to validate the data they find. Continue Reading
By -
Answer
07 Feb 2019
Is there a viable breach notification tool?
A breach notification tool from Firefox Monitor and Have I Been Pwned could help consumers understand more quickly if their email or other vital information has been hacked. Continue Reading
By -
Infographic
01 Feb 2019
Cutting SecOps breach response time is key to success
A new survey measures the success of security operations breach response by how long it takes to complete a three-step process to detect, understand and contain incidents. Continue Reading
By- Kate Gerwig, Editorial Director
-
News
30 Jan 2019
New DDoS attack technique puts CSPs at risk
Nexusguard found a new DDoS attack technique that targeted CSPs in which attackers used a bit-and-piece approach to inject junk into legitimate traffic and dodge detection. Continue Reading
By -
News
29 Jan 2019
Insecure MongoDB databases expose Russian backdoor access
A security researcher found more than 2,000 exposed MongoDB databases that revealed a backdoor-access account operated by the Russian government, according to a report from ZDNet. Continue Reading
By- Rob Wright, Senior News Director
-
Tip
17 Jan 2019
How to perform an ICS risk assessment in an industrial facility
An important step to secure an industrial facility is performing an ICS risk assessment. Expert Ernie Hayden outlines the process and why each step matters. Continue Reading
By- Ernie Hayden, 443 Consulting LLC
-
News
08 Jan 2019
Marriott data breach exposed 5 million unencrypted passport numbers
Marriott's data breach affected fewer customers than the hotel giant originally estimated, but the breach exposed millions of unencrypted passport numbers. Continue Reading
By