Security operations and management
Cybersecurity operations and management are vital to protect enterprises against cyber threats. Learn how to create and manage infosec programs and SOCs, perform incident response and automate security processes. Also read up on security laws and regulations, best practices for CISOs and more.
Top Stories
-
Feature
20 Dec 2024
Identity and access management tools and features for 2025
The IAM tool marketplace is complex and ever-changing. Learn about key features and how to discern what your organization needs before approaching potential providers. Continue Reading
By- Ed Moyle, Drake Software
-
Guest Post
19 Dec 2024
Add gamification learning to your pen testing training playbook
Organizations that embrace gamification in their pen testing training are better positioned to build and maintain the skilled security teams needed to address evolving threats. Continue Reading
By- Ed Skoudis, SANS Technology Institute
-
Podcast
26 Apr 2018
Risk & Repeat: Hacking back, GDPR and more from RSAC
In this week's Risk & Repeat podcast, SearchSecurity editors discuss some of the major themes and debates from RSA Conference, from hacking back to GDPR compliance. Continue Reading
By- Rob Wright, Senior News Director
-
News
26 Apr 2018
Philip Tully: AI models are cost prohibitive for some enterprises
Philip Tully discusses the expensive and time-consuming work of building AI models and how those models can become the target of cyberattacks by malicious actors. Continue Reading
By- Michael Heller, TechTarget
-
News
20 Apr 2018
Government hacking tactics questioned at OURSA
The ACLU's Jennifer Granick took government hacking to task at the OURSA Conference this week, calling out mass surveillance techniques and the limited scope of search warrants. Continue Reading
By- Madelyn Bacon, TechTarget
-
News
20 Apr 2018
Experts describe how hacking back can be done right
A panel of experts at the RSA Conference all expressed support for the idea of hacking back against threat actors, but each offered caveats in hopes of minimizing collateral damage. Continue Reading
By- Michael Heller, TechTarget
-
News
19 Apr 2018
Schneier talks cyber regulations, slams U.S. lawmakers
Speaking at RSA Conference 2018, Bruce Schneier slammed U.S. lawmakers and Facebook in discussions on internet security regulations and technology policy. Continue Reading
By- Rob Wright, Senior News Director
-
Blog Post
17 Apr 2018
FedRAMP security requirements put a premium on automation
Matt Goodrich, director for the Federal Risk and Authorization Management Program, detailed FedRAMP security requirements and automation at RSA's Cloud Security Alliance Summit. Continue Reading
By- Rob Wright, Senior News Director
-
Podcast
17 Apr 2018
Risk & Repeat: Breaking down the Verizon DBIR 2018
In this week's Risk & Repeat podcast, SearchSecurity editors discuss the '2018 Verizon Data Breach Investigations Report' and its findings about ransomware, phishing and more. Continue Reading
By- Rob Wright, Senior News Director
-
News
17 Apr 2018
ISACA: Cybersecurity skills gap still hurting enterprises
ISACA's State of Cybersecurity 2018 report offered good news and bad news about the cybersecurity skills gap and also shed light on gender disparity in the infosec profession. Continue Reading
By- Rob Wright, Senior News Director
-
News
13 Apr 2018
Cybersecurity AI hype matures at RSAC 2018
Top submissions to the RSA Conference 2018 indicate that the hype cycle around cybersecurity AI may be maturing, while diversity gets a lower ranking on the hot topic list. Continue Reading
By- Michael Heller, TechTarget
-
Podcast
12 Apr 2018
Risk & Repeat: RSAC 2018 trends focus on AI, blockchain
In this week's Risk & Repeat podcast, SearchSecurity editors discuss the big questions ahead of RSA Conference 2018, as well as notable sessions and speakers scheduled for the event. Continue Reading
By- Rob Wright, Senior News Director
-
News
11 Apr 2018
Ransomware threat tops Verizon Data Breach Report
After years of climbing the ranks in the Verizon Data Breach Investigations Report, the ransomware threat has finally taken the top spot as the most prevalent malware type. Continue Reading
By- Michael Heller, TechTarget
-
Conference Coverage
11 Apr 2018
RSAC 2018: Special conference coverage
Find out what's happening at the information security industry's biggest event with breaking news and analysis by the SearchSecurity team at the RSA Conference 2018 in San Francisco. Continue Reading
-
Podcast
06 Apr 2018
Risk & Repeat: New revelations in San Bernardino iPhone case
In this week's Risk & Repeat podcast, SearchSecurity editors discuss the OIG report's findings on the FBI's effort to unlock the iPhone of one of the San Bernardino terrorists. Continue Reading
By- Rob Wright, Senior News Director
-
Tip
30 Mar 2018
Imran Awan case shows lax security controls for IT staff
Investigations into the conduct of the IT staff of the House of Representatives raised alarms. Kevin McDonald explains what we can learn from the case of Imran Awan. Continue Reading
By- Kevin McDonald, Alvaka Networks
-
Podcast
30 Mar 2018
Risk & Repeat: IBM Think 2018 highlights AI, blockchain
In this week's Risk & Repeat podcast, SearchSecurity editors recap IBM Think 2018 and discuss Watson's Law and Big Blue's pledge to keep user data safe from misuse and exposure. Continue Reading
By- Rob Wright, Senior News Director
-
News
30 Mar 2018
IBM Security looks to incident response services for growth
While IBM has made significant investments in acquiring cybersecurity vendors in recent years, the company now is turning its attention to security services like incident response. Continue Reading
By- Rob Wright, Senior News Director
-
News
29 Mar 2018
RSA Innovation Sandbox highlights threat detection, AI
Security startups competing in this year's RSA Innovation Sandbox will present new offerings for threat detection, cloud security, artificial intelligence and machine learning. Continue Reading
By- Peter Loshin, Former Senior Technology Editor
-
Blog Post
27 Mar 2018
RSA Conference keynotes miss the point of diversity
RSA Conference keynotes now include a handful of distinguished women, but very few will be speaking about cybersecurity, falling short of truly equal representation. Continue Reading
By- Madelyn Bacon, TechTarget
-
News
27 Mar 2018
Five days after Atlanta ransomware attack, recovery begins
After battling the fallout from an Atlanta ransomware attack for five days, Mayor Keisha Bottoms said City Hall has finally begun to recover and turn systems back on. Continue Reading
By- Michael Heller, TechTarget
-
News
23 Mar 2018
CLOUD Act stirs tension between privacy advocates and big tech
Privacy advocates criticize Congress for passing the CLOUD Act as part of the omnibus spending bill, while big tech companies have expressed support for the controversial legislation. Continue Reading
By- Michael Heller, TechTarget
-
News
21 Mar 2018
Durov refuses to hand over Telegram encryption keys to FSB
CEO Pavel Durov continued to assert that Telegram encryption keys will not be shared with the FSB, despite the Russian Supreme Court denying the company's appeal. Continue Reading
By- Michael Heller, TechTarget
-
Podcast
21 Mar 2018
Risk & Repeat: OURSA takes RSA Conference to task
In this week's Risk & Repeat podcast, SearchSecurity editors discuss the emergence of OURSA to highlight diversity and the RSA Conference's lack of female keynote speakers. Continue Reading
By- Rob Wright, Senior News Director
-
Tip
05 Mar 2018
Continuous security monitoring advances automated scanning
Battling threats in today's fast-paced cyberworld means shutting down vulnerabilities fast, which requires round-the-clock monitoring. Learn how to make it happen in your company. Continue Reading
By- Mike Chapple, University of Notre Dame
-
News
02 Mar 2018
Cellebrite claims it can unlock Apple devices, but questions remain
News roundup: Cellebrite claims it can unlock Apple devices, according to a Forbes report. Plus, iCloud encryption keys will now be stored in China, and more. Continue Reading
By- Madelyn Bacon, TechTarget
-
News
28 Feb 2018
Visa reports EMV chip cards thwart fraud, but criminals adapting
Visa points to a 70% drop in fraud due to EMV chip cards, as consumers and merchants adopt the new payment card technology. But criminals are shifting their own focus to adapt. Continue Reading
By- Peter Loshin, Former Senior Technology Editor
-
Podcast
27 Feb 2018
Risk & Repeat: Is the cyberthreat landscape shifting to cryptomining?
In this week's Risk & Repeat podcast, SearchSecurity editors discuss how new attacks, like cryptojacking, may be supplanting previous top cyberthreats, such as ransomware. Continue Reading
By- Rob Wright, Senior News Director
-
News
22 Feb 2018
SEC cybersecurity disclosure rules get a guidance update
The U.S. Securities and Exchange Commission introduced new SEC cybersecurity disclosure rules to prevent insider trading related to data breaches and other security incidents. Continue Reading
By- Peter Loshin, Former Senior Technology Editor
-
News
22 Feb 2018
GDPR data breach notification is just one piece of EU privacy puzzle
With the EU's General Data Protection Regulation looming, Qualys' Darron Gibbard discusses GDPR data breach notifications, and more with the EU's new privacy law. Continue Reading
By- Peter Loshin, Former Senior Technology Editor
-
Podcast
19 Feb 2018
Risk & Repeat: Cyberinsurance market gets a shake-up
In this week's Risk & Repeat podcast, SearchSecurity editors discuss a new industry partnership designed to give Apple and Cisco customers beneficial cyberinsurance policies. Continue Reading
By- Rob Wright, Senior News Director
-
Tip
14 Feb 2018
How to prevent SQL injection attacks in your enterprise
SQL injection attacks threaten enterprise database security, but the use of cloud services can reduce the risk. Here's a look at some alternative SQL injection protection methods. Continue Reading
By- Frank Siemons, RedSec
-
Answer
13 Feb 2018
How should BGP route hijacking be addressed?
A new report from NIST shows how BGP route hijacking can threaten the internet. Expert Judith Myerson reviews the guidance for improving BGP security. Continue Reading
-
News
08 Feb 2018
DoJ breaks up Infraud Organization with some help
The U.S. Department of Justice announced the shutdown of the Infraud Organization, which authorities claim is responsible for global cyberfraud losses in excess of $530 million. Continue Reading
By- Peter Loshin, Former Senior Technology Editor
-
Tip
07 Feb 2018
Cloud security lessons to learn from the Uber data breach
Any organization that uses cloud services can learn something from the 2016 Uber data breach. Expert Ed Moyle explains the main takeaways from the massive breach. Continue Reading
By- Ed Moyle, Drake Software
-
Feature
01 Feb 2018
CISOs map out their cybersecurity plan for 2018
What's on the short list for enterprise cybersecurity programs in the coming year? As attack vectors increase -- think IoT -- we ask information security leaders to discuss their plans. Continue Reading
-
E-Zine
01 Feb 2018
Cybersecurity roadmap: What's driving CISOs' agendas for 2018
Omar F. Khawaja, CISO at Highmark Health, has five areas of focus on his cybersecurity roadmap, and technology is not at the top of the list. Instead, he is prioritizing organizational change management and building an effective decision-making framework for the security leaders of the national healthcare provider and insurer.
While Khawaja's cybersecurity roadmap may sound ambitious, his focus on risk management and team decision-making to align the security program with the healthcare organization's business strategy is far from unique. Studies show that executives increasingly recognize that a cyberattack could cripple their operations and mean millions in lost business and reputational damage as well as in cleanup costs.
"CISOs are now charged with defending this digital infrastructure, and that includes software everywhere and data as a resource, and that's a massive change at a time when the attack surface keeps expanding," says Jeff Pollard, an analyst at Forrester Research.
In this issue of Information Security magazine, security professionals detail the process of developing effective one-year plans. Why do companies struggle to strengthen their cybersecurity roadmap? We look at effective planning, what could go wrong and how to get support for your strategy.
Continue Reading -
News
26 Jan 2018
FBI encryption argument draws fire from senator
Sen. Ron Wyden challenged the FBI encryption argument and asked the FBI director to be transparent about claims that lawful access could be provided securely. Continue Reading
By- Michael Heller, TechTarget
- 26 Jan 2018
-
Podcast
24 Jan 2018
Risk & Repeat: Backdoor access, strong encryption debate rolls on
In this week's Risk & Repeat podcast, SearchSecurity editors discuss the FBI's continued criticism of encrypted devices and the risks of vendor-created backdoor access points. Continue Reading
By- Rob Wright, Senior News Director
-
News
16 Jan 2018
CIA attributes NotPetya attacks to Russian spy agency
The CIA reportedly concluded that Russia's foreign intelligence agency created and was responsible for the NotPetya attacks against Ukraine in June. Continue Reading
By- Michael Heller, TechTarget
-
Tip
10 Jan 2018
The 12 biggest cloud security threats, according to the CSA
The Cloud Security Alliance reported what it found to be the biggest cloud security threats. Expert Rob Shapland looks at how cloud risks compare to on-premises risks. Continue Reading
By -
News
09 Jan 2018
NIST botnet security report recommendations open for comments
Federal agencies opened public comments on a draft botnet security report born from the 2017 White House cybersecurity executive order, and experts are generally favorable. Continue Reading
By- Michael Heller, TechTarget
-
News
05 Jan 2018
Huge coordinated vulnerability disclosure needed for Meltdown
Unprecedented Spectre and Meltdown CPU flaws required a vast coordinated vulnerability disclosure effort over six months and across dozens of organizations. Continue Reading
By- Michael Heller, TechTarget
-
Podcast
29 Dec 2017
Risk & Repeat: Cybersecurity predictions for 2018
In this week's Risk & Repeat podcast, SearchSecurity editors offer their cybersecurity predictions for 2018, including forecasts for cryptojacking, DDoS attacks and other threats. Continue Reading
By- Rob Wright, Senior News Director
-
News
20 Dec 2017
White House WannaCry attribution leaves unanswered questions
The White House's WannaCry attribution included the broad strokes, experts say, but the case avoided some key pieces of information, such as the role of the NSA in the attacks. Continue Reading
By- Michael Heller, TechTarget
-
News
19 Dec 2017
North Korea behind WannaCry attacks, White House says
The White House officially said North Korea was behind the WannaCry attacks, and it credited Facebook and Microsoft for work in attribution. But it left questions unanswered. Continue Reading
By- Michael Heller, TechTarget
-
News
14 Dec 2017
Mirai creators and operators plead guilty to federal charges
The Department of Justice announced guilty pleas from the three Mirai creators and operators behind the massive worldwide botnet DDoS attacks in 2016. Continue Reading
By- Michael Heller, TechTarget
-
Podcast
14 Dec 2017
Risk & Repeat: The Bitcoin boom and its infosec effects
In this week's Risk & Repeat podcast, SearchSecurity editors discuss the recent bitcoin boom and how the cryptocurrency's rising value could affect the cybersecurity landscape. Continue Reading
By- Rob Wright, Senior News Director
-
News
07 Dec 2017
Army cyber officer hiring to build the future of warfare
A new initiative plans Army cyber officer hiring over the course of five years, but experts are skeptical it can attract the best candidates away from the private sector. Continue Reading
By- Michael Heller, TechTarget
-
News
04 Dec 2017
Ex-NSA employee pleads guilty to removing classified data
The former NSA employee reportedly responsible for exposing classified data to Russian government hackers pleaded guilty and faces a maximum of 10 years in prison. Continue Reading
By- Rob Wright, Senior News Director
-
News
01 Dec 2017
Proposed data breach legislation could put executives in jail
Democratic senators have proposed data breach legislation that could lead to jail time for some executives who conceal breaches and fail to disclose them to consumers. Continue Reading
By- Rob Wright, Senior News Director
-
News
01 Dec 2017
Leaked NSA Ragtime files hint at spying on U.S. citizens
Exposed data included new information on the NSA Ragtime intelligence-gathering program, but it is unclear if the evidence proves Americans were targeted. Continue Reading
By- Michael Heller, TechTarget
-
Feature
01 Dec 2017
CISOs take notice as GPS vulnerabilities raise alarms
GPS has been extraordinarily reliable, but there's a growing chorus of experts who say it's time to assess GPS security and consider protective strategies. Continue Reading
-
Podcast
30 Nov 2017
Risk & Repeat: Uber data breach has implications for infosec
In this week's Risk & Repeat podcast, SearchSecurity editors discuss the Uber data breach, which was concealed by company officials, and the ethics of data breach disclosure. Continue Reading
By- Rob Wright, Senior News Director
-
News
30 Nov 2017
NSA data leak exposed Army INSCOM project information
Yet another publicly accessible cloud storage bucket exposed government data; this time it was an NSA data leak which included information on an Army intelligence project. Continue Reading
By- Michael Heller, TechTarget
-
Tip
30 Nov 2017
Data breach litigation: What enterprises should know
Data breach litigation can be highly detrimental to an organization that just suffered a major security incident. Find out what kinds of legal action enterprises could face in the event of a data breach. Continue Reading
By- Christopher Hart, Foley Hoag LLP
-
Answer
29 Nov 2017
How do source code reviews of security products work?
Tensions between the U.S. and Russia have led to source code reviews on security products, but the process isn't new. Expert Michael Cobb explains what to know about these reviews. Continue Reading
By - 29 Nov 2017
-
Tip
28 Nov 2017
How a technology advisory group can benefit organizations
A technology advisory group can have an irreplaceable impact on an organization. Kevin McDonald explains how volunteer advisors can aid law enforcement and other organizations. Continue Reading
By- Kevin McDonald, Alvaka Networks
-
Podcast
21 Nov 2017
Risk & Repeat: Vulnerabilities Equities Process gets an update
In this week's Risk & Repeat podcast, SearchSecurity editors discuss the new charter for the Vulnerabilities Equities Process and what it means for the infosec community. Continue Reading
By- Rob Wright, Senior News Director
-
News
20 Nov 2017
DOD exposed data stored in massive AWS buckets
A security researcher at UpGuard found exposed data in Amazon Web Services' cloud storage buckets. And once again, the data belongs to the Department of Defense. Continue Reading
By- Michael Heller, TechTarget
-
News
17 Nov 2017
Google bug bounty pays $100,000 for Chrome OS exploit
An anonymous security researcher has once again earned the top Google bug bounty prize in the Chrome Reward Program for a Chrome OS exploit chain. Continue Reading
By- Michael Heller, TechTarget
-
News
16 Nov 2017
Federal vulnerability review under new VEP still has questions
Experts are still unsure about the Vulnerabilities Equities Process, but admit the new VEP Charter could be a good step toward improving federal vulnerability review. Continue Reading
By- Michael Heller, TechTarget
-
News
15 Nov 2017
New VEP Charter promises vulnerability transparency
The White House wants a more open Vulnerabilities Equities Process and has unveiled a new VEP Charter in order to promote transparency in bug reviews. Continue Reading
By- Michael Heller, TechTarget
-
News
09 Nov 2017
FBI hacking may have crossed international borders
New court documents indicate an FBI hacking operation may have crossed international borders and infected systems in Russia, China and Iran. Continue Reading
By- Michael Heller, TechTarget
-
Answer
06 Nov 2017
Monitoring employee communications: What do EU privacy laws say?
The European Court of Human Rights recently placed strict regulations on monitoring employee communications. Matt Pascucci compares EU privacy laws to the U.S.'s standards. Continue Reading
-
News
03 Nov 2017
Certificate authority business undergoes major changes
News roundup: Comodo and Symantec sales signal important changes in the certificate authority business. Plus, an Oracle vulnerability gets a CVSS score of 10.0, and more. Continue Reading
By- Madelyn Bacon, TechTarget
-
News
02 Nov 2017
SAVE Act attempts to bolster election security
Two senators introduced a bipartisan election security bill called the SAVE Act, which aims to improve voting infrastructure and harden state systems against attack. Continue Reading
By- Michael Heller, TechTarget
-
E-Zine
01 Nov 2017
Next-gen SOC: What's on your automation roadmap?
The concept of a security operations center that optimizes resources -- security technologies, threat intelligence and analysts -- to counter threats is a great idea. However, in reality, designing an effective SOC is hard. Many companies struggle first with implementation and then with figuring out how to take their SOC to the next level. What will the next-gen SOC look like?
Security operations centers today are found mostly in large organizations and focus on detection and remediation. The lack of big data analysis tools that can work with wide varieties of data is a major obstacle.
"That's one of the reasons I think people say SOCs are not very effective yet," said Randy Marchany, CISO at Virginia Tech. The university's SOC project has been put on hold as they implement another security information and event management tool and ramp up on the open source Elastic Stack, formerly known as ELK.
Integration of tools and increased automation may help security analysts prioritize security events in a next-gen SOC, but once a serious security incident has been identified, many companies lack a sophisticated incident-response process. CISOs need to work on building internal and external relationships, like with law enforcement, that will assist the company in the event of a breach.
In this issue of Information Security magazine, we look at the strengths and weaknesses of security operations centers. To what extent are SOCs integrating the tools they have? How are they automating these processes? We ask CISOs and other security leaders what strategies will help organizations build the next-gen SOC. What is your three-year plan for getting your organization's security operations center to the next level?
Continue Reading -
Opinion
01 Nov 2017
Are companies with a SOC team less likely to get breached?
Information security operations centers are “growing up,” according to one study. But, with staffing shortages and manual collection of data, performance metrics are hard to get. Continue Reading
-
Feature
01 Nov 2017
Are security operations centers doing enough?
SOCs are maturing, but organizations facing the increased threat landscape understand that improving their effectiveness must be a priority in the year ahead. Continue Reading
By- Steve Zurier, ZFeatures
-
Blog Post
31 Oct 2017
Is "responsible encryption" the new answer to "going dark"?
"Three may keep a Secret, if two of them are dead." So wrote Benjamin Franklin, in Poor Richard's Almanack, in 1735. Franklin knew a thing or two about secrets, as well as about cryptography, given ... Continue Reading
By- Peter Loshin, Former Senior Technology Editor
-
Feature
30 Oct 2017
Grossman: Cyberinsurance market is like the 'Wild West'
Jeremiah Grossman, chief of security strategy at SentinelOne, talks with SearchSecurity about the value of cyberinsurance and why the rapidly growing market needs to mature. Continue Reading
By- Rob Wright, Senior News Director
- 30 Oct 2017
- 30 Oct 2017
-
News
27 Oct 2017
Warning for Equifax security issues came months before breach
A security researcher reportedly disclosed a number of Equifax security issues to the company months before the major data breach, and none of the problems were fixed. Continue Reading
By- Michael Heller, TechTarget
-
Feature
26 Oct 2017
The art of the cyber warranty and guaranteeing protection
Jeremiah Grossman, chief of security strategy at SentinelOne, talks with SearchSecurity about the science of developing a cyber warranty for threat detection products. Continue Reading
By- Rob Wright, Senior News Director
-
News
25 Oct 2017
NSA cyberweapons report follows Kaspersky transparency plan
A Kaspersky transparency initiative and a full code review of its products are on the way, and a new Kaspersky statement explained how NSA cyberweapons were uploaded to its servers. Continue Reading
By- Michael Heller, TechTarget
-
Podcast
20 Oct 2017
Risk & Repeat: DEFCON tackles voting machine security
In this week's Risk & Repeat podcast, SearchSecurity editors discuss DEFCON's efforts to improve voting machine security in the wake of hacking threats during the 2016 election. Continue Reading
By- Rob Wright, Senior News Director
-
News
13 Oct 2017
DOJ's 'responsible encryption' is the new 'going dark'
News roundup: The DOJ calls for 'responsible encryption' to comply with court orders. Plus, there's more bad cybersecurity news for banks, and Accenture data in AWS gets exposed. Continue Reading
By- Peter Loshin, Former Senior Technology Editor
-
News
12 Oct 2017
DEFCON hopes voting machine hacking can secure systems
The first official report on voting machine hacking from DEFCON suggests the need for pen testing, basic security guidelines and cooperation from local and federal governments. Continue Reading
By- Michael Heller, TechTarget
-
Tip
09 Oct 2017
Make your incident response policy a living document
Effective incident response policies must be detailed, comprehensive and regularly updated -- and then 'embedded in the hearts and minds' of infosec team members. Continue Reading
By- Johna Till Johnson, Nemertes Research
-
News
05 Oct 2017
Equifax breach impact expands, blame game continues
The Equifax breach impact expanded and the company's former CEO answered questions in a congressional hearing, but experts were not satisfied by the answers. Continue Reading
By- Michael Heller, TechTarget
-
Podcast
05 Oct 2017
Risk & Repeat: Are hacking victims taking too much blame?
In this week's Risk & Repeat podcast, SearchSecurity editors discuss comments from the FBI's Donald Freese on the practice of blaming and shaming hacking victims and its effects. Continue Reading
By- Rob Wright, Senior News Director
-
News
29 Sep 2017
Government data requests on the rise for Apple and Google
One expert is concerned about the large increase of government data requests received by Apple and the effects this surveillance activity has on user privacy. Continue Reading
By- Michael Heller, TechTarget
-
Blog Post
29 Sep 2017
FBI's Freese: It's time to stop blaming hacking victims
The FBI's Don Freese spoke at the (ISC)2 Security Congress this week about the need to end the practice of blaming hacking victims. But will infosec professionals listen? Continue Reading
By- Rob Wright, Senior News Director
-
News
21 Sep 2017
Undisclosed SEC breach may have led to illegal stock trades
The U.S. Securities and Exchange Commission admitted a 2016 breach that was previously undisclosed may have enabled threat actors to engage in illegal stock trades. Continue Reading
By- Michael Heller, TechTarget
-
Tip
19 Sep 2017
How to balance organizational productivity and enterprise security
It's no secret that enterprise security and organizational productivity can often conflict. Peter Sullivan looks at the root causes and how to address the friction. Continue Reading
-
News
15 Sep 2017
DHS banned Kaspersky software from all government systems
News roundup: DHS has banned Kaspersky software from use in government systems. Plus, the commonwealth of Virginia decided to do away with touchscreen voting machines, and more. Continue Reading
By- Madelyn Bacon, TechTarget
-
Podcast
01 Sep 2017
Risk & Repeat: Alternative infosec conferences on the rise
In this week's Risk & Repeat podcast, SearchSecurity editors discuss how smaller, more targeted infosec conferences are making a name for themselves in the shadow of much larger events. Continue Reading
By- Rob Wright, Senior News Director
-
News
29 Aug 2017
Kaspersky-Russian ties still unclear, despite FBI push
The specter of Kaspersky-Russian ties has reportedly led to an FBI campaign urging private organizations to drop Kaspersky Lab products; experts urge the FBI to share more evidence. Continue Reading
By- Michael Heller, TechTarget
-
Feature
29 Aug 2017
Top cybersecurity conferences for when Black Hat and RSA aren't right
The big cybersecurity conferences can make attendees weary, but there are many alternatives to the big name shows that may be easier to get to and easier to handle. Continue Reading
By- Peter Loshin, Former Senior Technology Editor
-
Tip
29 Aug 2017
What to do when cybersecurity breaches seem inevitable
The current threat landscape makes cybersecurity breaches seem unavoidable. Expert Peter Sullivan discusses some simple ways enterprises can reduce the risk of a breach. Continue Reading
-
News
25 Aug 2017
U.S. government cybersecurity is a mess, according to officials
News roundup: John McCain, NIAC and others called out the administration for not doing enough on U.S. government cybersecurity. Plus, the Ropemaker exploit alters emails, and more. Continue Reading
By- Madelyn Bacon, TechTarget
-
Feature
18 Aug 2017
Valerie Plame: U.S. government cyberdefense must be improved
Former CIA officer Valerie Plame discusses why America's cyberdefense is lagging behind -- and what the government and private sector should do to reverse the trend. Continue Reading
By- Rob Wright, Senior News Director
-
News
18 Aug 2017
Offensive cyberweapons from enemies may be re-engineered
The U.S. Defense Intelligence Agency wants to isolate, study, customize and re-engineer malware from adversaries to be used as its own offensive cyberweapons. Continue Reading
By- Michael Heller, TechTarget
-
News
17 Aug 2017
Authorities can't force smartphone access in iOS 11
IOS 11 will allow users to avoid authorities attempting to force smartphone access by temporarily disabling biometric unlocking of mobile devices. Continue Reading
By- Michael Heller, TechTarget
-
News
11 Aug 2017
Cybersecurity machine learning moves ahead with vendor push
Bloggers explore the growing role of cybersecurity machine learning, the capabilities of Microsoft's containers and how well SIEM works for threat detection. Continue Reading
By- Eamon McCarthy Earls, Former Associate Site Editor, TechTarget
-
News
11 Aug 2017
FBI's Next Generation Identification system exempt from Privacy Act
News roundup: The FBI Next Generation Identification biometrics database is exempt from the Privacy Act. Plus, Salesforce fired two top staffers after DEFCON, and more. Continue Reading
By- Madelyn Bacon, TechTarget
-
Feature
11 Aug 2017
U.S. attorney: Gathering cybercrime evidence can be difficult
Assistant U.S. attorney says jurors and courts are getting smarter about cybercrime evidence, although digital cases overall may be getting more difficult to prosecute. Continue Reading
By- Michael Heller, TechTarget
-
Podcast
10 Aug 2017
Risk & Repeat: Voting machine hacking brings good and bad news
In this week's Risk & Repeat podcast, SearchSecurity editors look back at DEFCON 2017's voting machine hacking and what it could mean for the future of U.S. election security. Continue Reading
By- Rob Wright, Senior News Director