Security operations and management
Cybersecurity operations and management are vital to protect enterprises against cyber threats. Learn how to create and manage infosec programs and SOCs, perform incident response and automate security processes. Also read up on security laws and regulations, best practices for CISOs and more.
Top Stories
-
Tip
20 Nov 2024
User provisioning and deprovisioning: Why it matters for IAM
Overprivileged and orphaned user identities pose risks. Cybersecurity teams should be sure user profiles grant only appropriate access -- and only for as long as necessary. Continue Reading
-
Video
18 Nov 2024
An explanation of cybercrime
Cybercrime is a real and illegal threat, just like traditional crime. Learn about cybercriminals and effective prevention strategies to safeguard yourself online. Continue Reading
-
News
25 Jul 2017
Fancy Bear C&C servers taken down by Microsoft lawsuit
Experts applaud Microsoft for clever use of a lawsuit to claim command and control server domains used by malicious Russian APT group Fancy Bear. Continue Reading
-
News
21 Jul 2017
Dark web markets' shutdown may lead to more arrests
Cooperation between law enforcement from around the world led to the shutdown of the AlphaBay and Hansa dark web markets and potential leads of illegal vendors. Continue Reading
-
News
21 Jul 2017
Bipartisan group launches effort to improve election security
News roundup: The Defending Digital Democracy project brings together security experts to tackle election security. Plus, government shake-ups could hit cybersecurity, and more. Continue Reading
-
Tip
20 Jul 2017
Applying cybersecurity readiness to today's enterprises
How prepared is your organization for a cyberattack? Expert Peter Sullivan outlines the seven steps enterprises need to take in order to achieve cybersecurity readiness. Continue Reading
-
Podcast
19 Jul 2017
Risk & Repeat: Kaspersky Lab removed from GSA Schedule 70
In this week's Risk & Repeat podcast, SearchSecurity editors discuss the Trump administration's removal of Kaspersky Lab from the GSA Schedule 70 for federal IT contracts. Continue Reading
-
Tip
18 Jul 2017
Why security incident management is paramount for enterprises
Enterprises aren't truly prepared for cyber threats unless they have proper security incident management in place. Expert Peter Sullivan explains what enterprises need to know. Continue Reading
-
News
26 Jun 2017
Security code reviews by Russian agencies cause concern
Demands for security code reviews by Russia have been on the rise, and not all experts or U.S. companies want to comply with the requests. Continue Reading
-
News
23 Jun 2017
Brutal Kangaroo USB malware could be reverse-engineered
The Brutal Kangaroo USB malware leaked from the CIA's Vault 7 could pose a threat to air-gapped computers if hackers reverse-engineer it. Continue Reading
-
News
21 Jun 2017
RNC leak of voter database exposes poor cloud security practices
A massive voter database RNC leak underscores the poor cloud security practices in place in the U.S. government and many enterprises. Continue Reading
-
News
16 Jun 2017
Router security issues highlighted by CIA's CherryBlossom project
The latest WikiLeaks release on CIA hacking tools includes the CherryBlossom project, which highlights router security issues, including a lack of firmware signing validation. Continue Reading
-
Feature
13 Jun 2017
(ISC)2 CEO on cybersecurity workforce expansion and 2017 Congress
Recently, SearchSecurity editorial director Robert Richardson checked in with (ISC)2's CEO David Shearer as the organization prepares for its fall Security Congress. Continue Reading
-
News
09 Jun 2017
Microsoft accused of blocking independent antivirus competition
News roundup: Kaspersky files a complaint against Microsoft's handling of independent antivirus software for Windows 10. Plus, hackers use Instagram to spread malware, and more. Continue Reading
-
News
02 Jun 2017
International data privacy laws create inconsistent rules
A new cybersecurity law in China highlights the trend of inconsistent international data privacy laws being enacted around the world. Continue Reading
-
Feature
01 Jun 2017
IT security trends: 2017 prioritizes cloud, network, endpoints
The 2017 TechTarget IT Priorities Survey reports a number of key IT security trends about where enterprises and infosec professionals place their time and resources. Continue Reading
-
Feature
01 Jun 2017
Acquiring cybersecurity insurance: Why collaboration is key
Cybersecurity insurance is becoming more important to enterprises as threats increase. Sean Martin explains why enterprise departments need to work together to acquire it. Continue Reading
- 01 Jun 2017
-
Podcast
18 May 2017
Risk & Repeat: Reviewing Trump's cybersecurity executive order
This week's Risk & Repeat podcast looks at President Trump's cybersecurity executive order and how it aims to address federal government and critical infrastructure issues. Continue Reading
-
News
17 May 2017
Vulnerabilities Equities Process may be law with PATCH Act
The bipartisan PATCH Act aims to codify the Vulnerabilities Equities Process into law in the wake of a global ransomware attack based on a stolen NSA cyberweapon. Continue Reading
-
News
17 May 2017
Q&A: Talking bug bounty programs with Bugcrowd's Casey Ellis
As bug bounty programs become more mainstream, Bugcrowd founder and CEO Casey Ellis offers insights into rewards, best practices and tips for getting the most bang for the buck. Continue Reading
-
Answer
15 May 2017
What is NIST's guidance on lightweight cryptography?
NIST released a report on lightweight cryptography. Expert Judith Myerson reviews what the report covers and what NIST recommends for standardization. Continue Reading
-
News
12 May 2017
Trump cyber executive order focuses on cyber-risk management
The Trump cyber executive order arrived, with a focus on cyber-risk management and reports. But key details are missing in terms of implementing changes. Continue Reading
-
Tip
11 May 2017
Applying the new FDA medical device guidance to infosec programs
New FDA medical device guidance demonstrates the need for better cybersecurity during manufacturing and use. Expert Nick Lewis explains how enterprises can use the recommendations. Continue Reading
-
Answer
10 May 2017
Should the Vulnerabilities Equities Process be codified into law?
The Vulnerabilities Equities Process is a controversial subject. Expert Matthew Pascucci looks at the arguments for and against codifying it into law. Continue Reading
-
Blog Post
03 May 2017
Verizon DBIR 2017 loses international contributors
Looking at the overall numbers for the contributors to the Verizon Data Breach Investigations Report (DBIR) from the past five years, it would seem like the amount of partners is hitting a plateau, ... Continue Reading
-
News
02 May 2017
NATO cyberwar games show the U.S. needs more practice
The NATO Locked Shields cyberwar games had the U.S. team winning most improved, but experts say the U.S. still needs more practice. Continue Reading
-
News
28 Apr 2017
Verizon DBIR 2017: Basic cybersecurity focus misplaced
Basic cybersecurity measures like limiting password reuse and implementing multifactor authentication could be big benefits, according to the Verizon DBIR 2017. Continue Reading
-
News
28 Apr 2017
Pretexting is a rising threat, according to 2017 Verizon DBIR
The 2017 Verizon DBIR details threats becoming more popular, like ransomware, and some that are less known, but dangerous, like pretexting. Continue Reading
-
News
28 Apr 2017
Still waiting for a cybersecurity executive order from Trump
News roundup: A cybersecurity executive order overdue, but 'close and nearby.' Plus, the USPTO says it will stop using HTTPS; a teenage hacker sentenced to prison; and more. Continue Reading
-
News
07 Apr 2017
State Department hack and APT29 prove attacker resilience
News Roundup: 'Hand-to-hand' combat in State Department hack, APT29 has a stealth backdoor, the creator of the internet backs strong encryption, and more. Continue Reading
-
Answer
07 Apr 2017
What should be included in a social media security policy?
A social media security policy is necessary for most enterprises today. Expert Mike O. Villegas discusses what should be included in social media policies. Continue Reading
-
News
06 Apr 2017
Public/private threat intelligence sharing faces roadblocks
The U.S. government says it wants to improve threat intelligence sharing between the public and private sectors, but experts are unsure that is possible in the current climate. Continue Reading
-
Tip
06 Apr 2017
Dedicated security teams: The pros and cons of splitting focus areas
Could using dedicated security teams that focus on one area of risk help reduce the attack surface for enterprises? Expert Steven Weil looks at the pros and cons of that approach. Continue Reading
-
Feature
03 Apr 2017
MSSPs add advanced threats as managed security services gain hold
Skill shortages and budget constraints have lead some companies to adopt a hybrid approach to managed security. Is it time for CISOs to start looking for 'expertise as a service'? Continue Reading
-
News
31 Mar 2017
EU encryption backdoor options for messaging apps set for June
Messaging app developers will be offered 'three or four' legislative and non-legislative options for encryption backdoor access for EU law enforcement. Continue Reading
-
News
31 Mar 2017
WikiLeaks' false flag attack allegations against CIA unfounded
Another set of documents from the Vault 7 CIA cache was released by WikiLeaks, but experts say the allegations of false flag attacks are unfounded and dangerous. Continue Reading
-
News
31 Mar 2017
Obama-era cyber executive order extended by Trump
A cyber executive order from the Obama era has been extended by President Trump to allow sanctions placed on cybercriminals who attack the U.S. Continue Reading
-
News
30 Mar 2017
Experts debunk strong encryption claims by FBI's Comey
FBI Director James Comey clearly laid out his views on strong encryption and urged more conversation, but experts say his arguments fall flat and may even be misleading. Continue Reading
-
News
24 Mar 2017
Encryption debate needs to be nuanced, FBI's Comey says
FBI Director James Comey brought the encryption debate back to the forefront by asking for a 'nuanced and thoughtful' conversation on the topic before there is a serious attack. Continue Reading
-
Podcast
22 Mar 2017
Risk & Repeat: Accused Yahoo hackers indicted
In this episode of SearchSecurity's Risk & Repeat podcast, editors discuss the indictments of the alleged Yahoo hackers and how the attackers minted Yahoo authentication cookies. Continue Reading
-
News
21 Mar 2017
WikiLeaks' disclosure of CIA hacks comes with requirements
WikiLeaks reportedly made demands of vendors at risk from the Vault 7 CIA hacks, but without knowing what the requirements are, experts are unsure how to react. Continue Reading
-
News
21 Mar 2017
FBI investigating Trump campaign ties to Russia, DNC breach
FBI Director James Comey confirmed the bureau is investigating the Trump campaign's ties to the Russian government and election cyberattacks such as the DNC breach. Continue Reading
-
News
17 Mar 2017
Will the Yahoo breach indictments be an effective hacker deterrent?
The Department of Justice indicted suspects in the 2014 Yahoo breach, but experts are unsure if this will prove to be an effective hacker deterrent moving forward. Continue Reading
-
Answer
16 Mar 2017
Can CISOs facilitate peace between privacy and information security?
Privacy and information security can often be at odds with each other in enterprises. Expert Mike O. Villegas explains how C-levels can help to get the two to work in harmony. Continue Reading
-
News
15 Mar 2017
DOJ indicts suspected Yahoo hackers from Russia; extradition unclear
The U.S. Department of Justice indicted four men -- including two Russian Federal Security Service officers -- accused of being the Yahoo hackers, but only one person was arrested. Continue Reading
-
Podcast
15 Mar 2017
Risk & Repeat: Leak of CIA hacking tools creates confusion
In this episode of SearchSecurity's Risk & Repeat podcast, editors discuss the confusion around WikiLeaks' release of government documents regarding CIA hacking tools. Continue Reading
-
Answer
15 Mar 2017
How can CISOs strengthen communications with cybersecurity staff?
Effective CISO communications are key to fostering a healthy relationship with the cybersecurity staff. Expert Mike O. Villegas reviews some ways to build that relationship. Continue Reading
-
Answer
14 Mar 2017
What effect does a federal CISO have on government cybersecurity?
The brief tenure of a federal CISO in the U.S. government recently came to an end. Expert Mike O. Villegas discusses the effect this has on the U.S. cybersecurity posture. Continue Reading
-
News
10 Mar 2017
WikiLeaks vows to disclose CIA hacking tools; CIA to investigate
WikiLeaks founder Julian Assange promised to work with vendors to help patch products vulnerable to CIA hacking tools, while the FBI and CIA will investigate the leak. Continue Reading
-
Tip
09 Mar 2017
IoT development and implementation: Managing enterprise security
The CSA's guidelines for secure IoT development can give enterprises an idea of how to evaluate IoT products. Expert Nick Lewis explains the steps enterprises should take. Continue Reading
-
Podcast
09 Mar 2017
Risk & Repeat: Does the Amazon S3 outage raise security flags?
In this episode of SearchSecurity's Risk & Repeat podcast, editors discuss the recent Amazon Simple Storage Service outage and why the incident may have security implications. Continue Reading
-
News
08 Mar 2017
Responsible vulnerability disclosure lacking by CIA and WikiLeaks
Experts criticize both WikiLeaks and the CIA for failing responsible vulnerability disclosure around the Vault 7 documents, and question the CIA's use of the VEP. Continue Reading
-
News
08 Mar 2017
Vault 7 CIA hacking weapons include iOS, Android and Windows zero days
WikiLeaks released a massive dump of files it claims to be CIA hacking tools, codenamed Vault 7, which includes iOS and Android zero-day exploits. Continue Reading
-
News
24 Feb 2017
Experts: Government Vulnerabilities Equities Process should be law
Experts say codifying the Vulnerabilities Equities Process into law would increase transparency and trust regarding vulnerability disclosure by the government. Continue Reading
-
Blog Post
24 Feb 2017
RSA Conference 2017: Are software regulations coming for developers?
Security expert Bruce Schneier said programmers' freedom to code whatever they want will likely come to an end. Should the industry brace itself for software regulations? Continue Reading
-
Podcast
22 Feb 2017
Risk & Repeat: RSA Conference 2017 highlights and trends
In this episode of SearchSecurity's Risk & Repeat podcast, editors recap RSA Conference 2017 and discuss how the show addressed many security problems, but had very few answers. Continue Reading
-
News
22 Feb 2017
Understanding of security remediation differs for CISOs, researchers
One expert warned there can be a disconnect between what security remediation means to CISOs and what researchers announce because of divergent objectives. Continue Reading
-
News
16 Feb 2017
Experts debate national cybersecurity policy suggestions at RSAC 2017
Experts at RSAC 2017 discussed national cybersecurity policy suggestions for the new presidential administration, including what to do about encryption and the DHS mission. Continue Reading
-
Tip
16 Feb 2017
Intrusion response plans: Tales from front-line IT support
The right intrusion response training can make all the difference in data breach prevention. Expert Joe Granneman provides a real-world example from which enterprises can learn. Continue Reading
-
Answer
16 Feb 2017
How does a security portfolio help an enterprise security program?
A security portfolio shouldn't be used as an alternative to a reporting structure, but it can still be beneficial to enterprises. Expert Mike O. Villegas explains how. Continue Reading
-
News
16 Feb 2017
RSA Conference speakers tackle tech immigration reform, travel ban
Several speakers made pro-immigration remarks at RSA Conference 2017 and called for tech immigration reform following President Trump's controversial executive order. Continue Reading
-
News
15 Feb 2017
Upcoming cybersecurity executive order leaves RSAC experts optimistic
Experts at RSAC 2017 discussed the upcoming cybersecurity executive order from the new presidential administration and how the NIST Framework strengthens the plan. Continue Reading
-
News
15 Feb 2017
Do IoT security risks require new legislation or will standards suffice?
In a panel discussion about current IoT security risks, experts at RSA Conference 2017 weigh government legislation options against industry self-regulation. Continue Reading
-
News
15 Feb 2017
Bruce Schneier: It's time for internet-of-things regulation
Speaking at RSA Conference 2017, security expert Bruce Schneier called for the creation of a new government agency to oversee internet-of-things regulation. Continue Reading
-
Answer
15 Feb 2017
What are the pros and cons of hiring a virtual CISO?
A virtual CISO is a good option for smaller organizations that want stronger security leadership, but don't have the budget. Expert Mike O. Villegas discusses the pros and cons. Continue Reading
-
News
15 Feb 2017
State-sponsored hacking needs to stop, says Congressman McCaul
Rep. Michael McCaul took a harsh stance on Russian state-sponsored hacking at RSA Conference 2017 and pushed the U.S. government to do more to stop such attacks. Continue Reading
-
News
14 Feb 2017
RSA panel covers cryptography trends, elections and more
Panel at RSAC on cryptography trends offers views on AI's coming domination of cybersecurity, quantum computing and quantum cryptography, politics and elections and more. Continue Reading
-
News
14 Feb 2017
Ramzan advocates collaborative security in RSAC keynote
Zulfikar Ramzan opens RSA Conference 2017 by reminding enterprises that just as cyberattacks have long-tail repercussions, so too do collaborative security decisions made in business. Continue Reading
-
News
14 Feb 2017
RSA President Rohit Ghai details new cybersecurity platform at RSAC 2017
Michael Dell introduces RSA's newly appointed president, Rohit Ghai, who is set to lead the cybersecurity firm as it implements its new Business Driven Security platform. Continue Reading
-
News
14 Feb 2017
Nation-state cyberattacks rising, warns former NSA director
Speaking at RSA Conference 2017, former NSA Director Keith Alexander warned of increased nation-state cyberattacks and called for an overhaul of U.S. government cybersecurity. Continue Reading
-
Answer
13 Feb 2017
Who should be on an enterprise cybersecurity advisory board?
What qualifications does a cybersecurity advisory board member need to best serve enterprises? Expert Mike O. Villegas outlines the most helpful backgrounds for board members. Continue Reading
-
News
10 Feb 2017
Trump tells White House cybersecurity officer, 'You're fired'
Rumors have been confirmed that President Trump has fired the White House cybersecurity officer in charge of making sure he and his staff are not hacked. Continue Reading
-
News
10 Feb 2017
NSA contractor indicted for stealing elite cyberweapons over 20 years
The NSA contractor accused of stealing elite cyberweapons over the course of 20 years, but his connection to the Shadow Brokers auction of similar hacking tools is still unclear. Continue Reading
-
News
09 Feb 2017
IoT security threat to become real post-Mirai at RSA Conference 2017
IoT security tops the list of RSA Conference 2017 submissions after IoT devices were abused by threat actors, but the topics experts worry about are much more far-reaching. Continue Reading
-
Tip
09 Feb 2017
How to organize an enterprise cybersecurity team effectively
The structure of an enterprise's cybersecurity team is important for ensuring it's as effective as possible. Expert Steven Weil outlines strategies for setting up a security group. Continue Reading
-
News
07 Feb 2017
Google to appeal after loss in cloud data privacy case
Further battle over cloud data privacy is imminent, as a court decides against Google and declines to consider Microsoft's recent appeal victory as precedent. Continue Reading
-
News
03 Feb 2017
Experts debate effects of government cybersecurity executive order
A leaked version of a draft of a government cybersecurity executive order from President Trump has experts debating the effects such an order would have. Continue Reading
-
News
02 Feb 2017
Pentagon hack possible due to bad vulnerability management
A researcher finds unpatched flaws in DOD systems that may have already allowed a Pentagon hack, and the government is doing nothing to remediate the issue. Continue Reading
-
News
31 Jan 2017
RSA Conference 2017 "not impacted" by Trump's executive order
RSA Conference 2017 hasn't been affected by President Trump's recent executive order, but the travel ban has still send shockwaves through the tech industry. Continue Reading
-
News
31 Jan 2017
RSAC 2017 Innovation Sandbox highlights top 10 cyber startups
RSAC 2017: Innovation Sandbox competition pits this year's top 10 cybersecurity startups against each other in a bid to win top honors as most innovative. Continue Reading
-
Conference Coverage
30 Jan 2017
RSA 2017: Special conference coverage
Follow breaking news from the SearchSecurity team at RSA 2017 in San Francisco to learn the latest developments in the information security industry. Continue Reading
-
News
27 Jan 2017
Americans split on federal government security, encryption attitudes
News roundup: Half of Americans don't trust federal government security. Plus, a Kaspersky Lab manager was arrested; an internal DOD network was found vulnerable; and more. Continue Reading
-
Tip
26 Jan 2017
When not to renew a vendor contract due to security issues
Opting out of a vendor contract for security reasons can be a tough decision for CISOs. Expert Mike O. Villegas discusses how NASA handled the situation and what CISOs can do. Continue Reading
-
News
23 Jan 2017
SEC to investigate the Yahoo breach disclosures
The SEC has requested more information for potential cases concerning whether the Yahoo breach disclosures could have come sooner. Continue Reading
-
News
20 Jan 2017
Future of the federal CISO position in question as Touhill steps down
Retired Brig. Gen. Gregory Touhill stepped down as the federal CISO, leaving questions surrounding the future of the position and the work he has done. Continue Reading
-
Answer
12 Jan 2017
What effect does FITARA have on U.S. government cybersecurity?
FITARA became a law in 2014, but government cybersecurity continues to struggle. Expert Mike O. Villegas discusses the effects of the law. Continue Reading
-
Podcast
12 Jan 2017
Risk & Repeat: CES Cybersecurity Forum tackles passwords, IoT
In this episode of SearchSecurity's Risk & Repeat podcast, editors highlight the topics discussed at the CES Cybersecurity Forum, as well as new technologies showcased at the event. Continue Reading
-
Answer
10 Jan 2017
What are the potential pros and cons of a Cyber National Guard?
A congressman proposed adding a Cyber National Guard to the military to protect the U.S. from cyber adversaries. Expert Mike O. Villegas examines the potential drawbacks of this branch. Continue Reading
-
Security School
10 Jan 2017
Privileged access management and security in the enterprise
This Security School explores the important steps enterprises need to take when managing privileged access accounts to prevent credential abuse and security incidents. Continue Reading
-
Answer
09 Jan 2017
Are investigations crucial to data breach protection?
SWIFT banking has a team dedicated to data breach investigations. Expert Mike O. Villegas discusses why this is necessary and whether other organizations should follow suit. Continue Reading
-
Tip
05 Jan 2017
The dangers of using security policy templates in the enterprise
Among other drawbacks, using security policy templates can make compliance audits and breach assessments harder for enterprises. Expert Joseph Granneman explains why they're risky. Continue Reading
-
Tip
04 Nov 2016
Information security risk management: Understanding the components
An enterprise has to know what risks it is facing. Expert Peter Sullivan explains why an information security risk management plan is crucial for cybersecurity readiness. Continue Reading
-
Tip
02 Nov 2016
Cloud DDoS protection: What enterprises need to know
DDoS attacks are a continuing problem, and enterprises should consider using cloud DDoS protection services. Expert Frank Siemons discusses the cloud options. Continue Reading
-
Feature
01 Nov 2016
Want a board-level cybersecurity expert? They're hard to find
Members of the board must be ready to defend their fiduciary decisions, corporate policies, compliance actions and, soon, cybersecurity preparedness. Continue Reading
-
Answer
05 Oct 2016
How would a cyberattack information database affect companies?
A proposed cyberattack information database in the U.K. aims to improve cyberinsurance. Expert Mike Chapple explains what collecting data breach information means for U.S. companies. Continue Reading
-
Answer
20 Sep 2016
Is settling a data breach lawsuit the best option for enterprises?
In the unfortunate event of a data breach lawsuit, it's often better to settle before the case reaches court. Expert Mike O. Villegas explains why and how CISOs can help. Continue Reading
-
Answer
19 Sep 2016
Are new cybersecurity products the best investment for enterprises?
Having the latest cybersecurity products isn't always the best way to approach security. Expert Mike O. Villegas explains why and how to deal with pressure to buy new. Continue Reading
-
Tip
15 Aug 2016
Achieving cybersecurity readiness: What enterprises should know
Enterprises need to be ready to act in the face of security incidents and cyberattacks. Expert Peter Sullivan outlines seven elements of proper cybersecurity readiness. Continue Reading
-
Feature
14 Jul 2016
Cybersecurity blind spots: Mitigating risks and vulnerabilities
Cybersecurity blind spots based in risk and vulnerabilities can be difficult to spot and address. Sean Martin talks with security experts on how to overcome that challenge. Continue Reading
-
Tip
05 Jul 2016
How tabletop exercises can help uncover hidden security risks
A regular tabletop exercise could help to identify security risks in scenarios relevant to your organization. Expert Bob Wood explains the steps in the process. Continue Reading
-
News
27 Jun 2016
Intel reportedly considering selling its security business
New reports suggest Intel may be looking into selling off its security business, and experts are unclear whether it means Intel's McAfee acquisition has gone sour. Continue Reading