Security operations and management
Cybersecurity operations and management are vital to protect enterprises against cyber threats. Learn how to create and manage infosec programs and SOCs, perform incident response and automate security processes. Also read up on security laws and regulations, best practices for CISOs and more.
Top Stories
-
Feature
20 Dec 2024
Identity and access management tools and features for 2025
The IAM tool marketplace is complex and ever-changing. Learn about key features and how to discern what your organization needs before approaching potential providers. Continue Reading
By- Ed Moyle, Drake Software
-
Guest Post
19 Dec 2024
Add gamification learning to your pen testing training playbook
Organizations that embrace gamification in their pen testing training are better positioned to build and maintain the skilled security teams needed to address evolving threats. Continue Reading
By- Ed Skoudis, SANS Technology Institute
-
Feature
09 Aug 2017
How FBI cyber investigations handle obfuscation techniques
An FBI agent discusses cyber investigations, how they handle obfuscation techniques, the anonymizing features of the deep web and how to catch the right person. Continue Reading
By- Michael Heller, TechTarget
-
Feature
08 Aug 2017
FBI: Cyber investigations no different from real world
Despite a loud group claiming the burden of proof is harder to meet with digital evidence, an agent says FBI cyber investigations are not much different from traditional cases. Continue Reading
By- Michael Heller, TechTarget
-
News
03 Aug 2017
MalwareTech arrested for Kronos banking Trojan connection
The FBI arrested the famed security researcher known as MalwareTech after a two-year investigation into the creation and distribution of the Kronos banking Trojan. Continue Reading
By- Michael Heller, TechTarget
-
Tip
03 Aug 2017
What you need to know about setting up a SOC
Setting up a SOC is different for every enterprise, but there are some fundamental steps with which to start. Expert Steven Weil outlines the basics for a security operations center. Continue Reading
By- Steven Weil, Point B
-
News
02 Aug 2017
Hacking voting machines takes center stage at DEFCON
DEFCON attendees were successful in hacking voting machines and now that there is proof the systems are insecure, more work needs to be done to change election laws and practices. Continue Reading
By- Michael Heller, TechTarget
-
E-Zine
01 Aug 2017
Four technologies that could transform information security programs
With digital transformations underway in many industries, CIOs aren't the only ones who need to have the next big thing on their radar. What security innovations should you follow to ready your organization's information security programs?
The internet of things is both a security threat and potentially a security boon. Big data, machine learning and a growing number of systems with pseudo artificial intelligence may help ease the workloads of security analysts. Bitcoin's distributed database technology known as blockchain can add security to a variety of systems, but scalability remains an early concern. Quantum computing? That one may be too far out -- five years at least -- to be considered a near-term technology disruptor to enterprise information security programs.
Whether your organization is focused on manufacturing and infrastructure -- such as industrial control systems -- or consumer and information technology -- such as the internet of things -- everything is rapidly becoming connected and potentially accessible from the internet. Many information security programs are not on track for the internet of things, complex clouds and other technology disruptors. We dust off the crystal ball in this issue of Information Security magazine and ask infosec experts and venture capitalists to look into the future.
Continue Reading -
News
01 Aug 2017
Experts debate Vulnerabilities Equities Process disclosure
Experts debated how the government should weigh disclosure in the Vulnerabilities Equities Process and whether to err on the side of offense or defense. Continue Reading
By- Michael Heller, TechTarget
-
News
26 Jul 2017
Stamos preaches defensive security research in Black Hat keynote
Facebook's Alex Stamos used his Black Hat 2017 keynote to address a wide variety of issues, including defensive security research and diversity in the infosec community. Continue Reading
By- Michael Heller, TechTarget
-
News
25 Jul 2017
Fancy Bear C&C servers taken down by Microsoft lawsuit
Experts applaud Microsoft for clever use of a lawsuit to claim command and control server domains used by malicious Russian APT group Fancy Bear. Continue Reading
By- Michael Heller, TechTarget
-
News
21 Jul 2017
Dark web markets' shutdown may lead to more arrests
Cooperation between law enforcement from around the world led to the shutdown of the AlphaBay and Hansa dark web markets and potential leads of illegal vendors. Continue Reading
By- Michael Heller, TechTarget
-
News
21 Jul 2017
Bipartisan group launches effort to improve election security
News roundup: The Defending Digital Democracy project brings together security experts to tackle election security. Plus, government shake-ups could hit cybersecurity, and more. Continue Reading
By- Madelyn Bacon, TechTarget
-
Tip
20 Jul 2017
Applying cybersecurity readiness to today's enterprises
How prepared is your organization for a cyberattack? Expert Peter Sullivan outlines the seven steps enterprises need to take in order to achieve cybersecurity readiness. Continue Reading
-
Podcast
19 Jul 2017
Risk & Repeat: Kaspersky Lab removed from GSA Schedule 70
In this week's Risk & Repeat podcast, SearchSecurity editors discuss the Trump administration's removal of Kaspersky Lab from the GSA Schedule 70 for federal IT contracts. Continue Reading
By- Rob Wright, Senior News Director
-
Tip
18 Jul 2017
Why security incident management is paramount for enterprises
Enterprises aren't truly prepared for cyber threats unless they have proper security incident management in place. Expert Peter Sullivan explains what enterprises need to know. Continue Reading
-
News
26 Jun 2017
Security code reviews by Russian agencies cause concern
Demands for security code reviews by Russia have been on the rise, and not all experts or U.S. companies want to comply with the requests. Continue Reading
By- Michael Heller, TechTarget
-
News
23 Jun 2017
Brutal Kangaroo USB malware could be reverse-engineered
The Brutal Kangaroo USB malware leaked from the CIA's Vault 7 could pose a threat to air-gapped computers if hackers reverse-engineer it. Continue Reading
By- Michael Heller, TechTarget
-
News
21 Jun 2017
RNC leak of voter database exposes poor cloud security practices
A massive voter database RNC leak underscores the poor cloud security practices in place in the U.S. government and many enterprises. Continue Reading
By- Michael Heller, TechTarget
-
News
16 Jun 2017
Router security issues highlighted by CIA's CherryBlossom project
The latest WikiLeaks release on CIA hacking tools includes the CherryBlossom project, which highlights router security issues, including a lack of firmware signing validation. Continue Reading
By- Michael Heller, TechTarget
-
Feature
13 Jun 2017
(ISC)2 CEO on cybersecurity workforce expansion and 2017 Congress
Recently, SearchSecurity editorial director Robert Richardson checked in with (ISC)2's CEO David Shearer as the organization prepares for its fall Security Congress. Continue Reading
-
News
09 Jun 2017
Microsoft accused of blocking independent antivirus competition
News roundup: Kaspersky files a complaint against Microsoft's handling of independent antivirus software for Windows 10. Plus, hackers use Instagram to spread malware, and more. Continue Reading
By- Madelyn Bacon, TechTarget
-
News
02 Jun 2017
International data privacy laws create inconsistent rules
A new cybersecurity law in China highlights the trend of inconsistent international data privacy laws being enacted around the world. Continue Reading
By- Michael Heller, TechTarget
-
Feature
01 Jun 2017
IT security trends: 2017 prioritizes cloud, network, endpoints
The 2017 TechTarget IT Priorities Survey reports a number of key IT security trends about where enterprises and infosec professionals place their time and resources. Continue Reading
By -
Feature
01 Jun 2017
Acquiring cybersecurity insurance: Why collaboration is key
Cybersecurity insurance is becoming more important to enterprises as threats increase. Sean Martin explains why enterprise departments need to work together to acquire it. Continue Reading
By - 01 Jun 2017
-
Podcast
18 May 2017
Risk & Repeat: Reviewing Trump's cybersecurity executive order
This week's Risk & Repeat podcast looks at President Trump's cybersecurity executive order and how it aims to address federal government and critical infrastructure issues. Continue Reading
By- Rob Wright, Senior News Director
-
News
17 May 2017
Vulnerabilities Equities Process may be law with PATCH Act
The bipartisan PATCH Act aims to codify the Vulnerabilities Equities Process into law in the wake of a global ransomware attack based on a stolen NSA cyberweapon. Continue Reading
By- Michael Heller, TechTarget
-
News
17 May 2017
Q&A: Talking bug bounty programs with Bugcrowd's Casey Ellis
As bug bounty programs become more mainstream, Bugcrowd founder and CEO Casey Ellis offers insights into rewards, best practices and tips for getting the most bang for the buck. Continue Reading
By- Peter Loshin, Former Senior Technology Editor
-
Answer
15 May 2017
What is NIST's guidance on lightweight cryptography?
NIST released a report on lightweight cryptography. Expert Judith Myerson reviews what the report covers and what NIST recommends for standardization. Continue Reading
-
News
12 May 2017
Trump cyber executive order focuses on cyber-risk management
The Trump cyber executive order arrived, with a focus on cyber-risk management and reports. But key details are missing in terms of implementing changes. Continue Reading
By- Michael Heller, TechTarget
-
Tip
11 May 2017
Applying the new FDA medical device guidance to infosec programs
New FDA medical device guidance demonstrates the need for better cybersecurity during manufacturing and use. Expert Nick Lewis explains how enterprises can use the recommendations. Continue Reading
By -
Answer
10 May 2017
Should the Vulnerabilities Equities Process be codified into law?
The Vulnerabilities Equities Process is a controversial subject. Expert Matthew Pascucci looks at the arguments for and against codifying it into law. Continue Reading
-
Blog Post
03 May 2017
Verizon DBIR 2017 loses international contributors
Looking at the overall numbers for the contributors to the Verizon Data Breach Investigations Report (DBIR) from the past five years, it would seem like the amount of partners is hitting a plateau, ... Continue Reading
By- Michael Heller, TechTarget
-
News
02 May 2017
NATO cyberwar games show the U.S. needs more practice
The NATO Locked Shields cyberwar games had the U.S. team winning most improved, but experts say the U.S. still needs more practice. Continue Reading
By- Michael Heller, TechTarget
-
News
28 Apr 2017
Verizon DBIR 2017: Basic cybersecurity focus misplaced
Basic cybersecurity measures like limiting password reuse and implementing multifactor authentication could be big benefits, according to the Verizon DBIR 2017. Continue Reading
By- Michael Heller, TechTarget
-
News
28 Apr 2017
Pretexting is a rising threat, according to 2017 Verizon DBIR
The 2017 Verizon DBIR details threats becoming more popular, like ransomware, and some that are less known, but dangerous, like pretexting. Continue Reading
By- Michael Heller, TechTarget
-
News
28 Apr 2017
Still waiting for a cybersecurity executive order from Trump
News roundup: A cybersecurity executive order overdue, but 'close and nearby.' Plus, the USPTO says it will stop using HTTPS; a teenage hacker sentenced to prison; and more. Continue Reading
By- Madelyn Bacon, TechTarget
-
News
07 Apr 2017
State Department hack and APT29 prove attacker resilience
News Roundup: 'Hand-to-hand' combat in State Department hack, APT29 has a stealth backdoor, the creator of the internet backs strong encryption, and more. Continue Reading
By- Michael Heller, TechTarget
-
Answer
07 Apr 2017
What should be included in a social media security policy?
A social media security policy is necessary for most enterprises today. Expert Mike O. Villegas discusses what should be included in social media policies. Continue Reading
By- Mike O. Villegas, K3DES LLC
-
News
06 Apr 2017
Public/private threat intelligence sharing faces roadblocks
The U.S. government says it wants to improve threat intelligence sharing between the public and private sectors, but experts are unsure that is possible in the current climate. Continue Reading
By- Michael Heller, TechTarget
-
Tip
06 Apr 2017
Dedicated security teams: The pros and cons of splitting focus areas
Could using dedicated security teams that focus on one area of risk help reduce the attack surface for enterprises? Expert Steven Weil looks at the pros and cons of that approach. Continue Reading
By- Steven Weil, Point B
-
Feature
03 Apr 2017
MSSPs add advanced threats as managed security services gain hold
Skill shortages and budget constraints have lead some companies to adopt a hybrid approach to managed security. Is it time for CISOs to start looking for 'expertise as a service'? Continue Reading
-
News
31 Mar 2017
EU encryption backdoor options for messaging apps set for June
Messaging app developers will be offered 'three or four' legislative and non-legislative options for encryption backdoor access for EU law enforcement. Continue Reading
By- Peter Loshin, Former Senior Technology Editor
-
News
31 Mar 2017
WikiLeaks' false flag attack allegations against CIA unfounded
Another set of documents from the Vault 7 CIA cache was released by WikiLeaks, but experts say the allegations of false flag attacks are unfounded and dangerous. Continue Reading
By- Michael Heller, TechTarget
-
News
31 Mar 2017
Obama-era cyber executive order extended by Trump
A cyber executive order from the Obama era has been extended by President Trump to allow sanctions placed on cybercriminals who attack the U.S. Continue Reading
By- Michael Heller, TechTarget
-
News
30 Mar 2017
Experts debunk strong encryption claims by FBI's Comey
FBI Director James Comey clearly laid out his views on strong encryption and urged more conversation, but experts say his arguments fall flat and may even be misleading. Continue Reading
By- Michael Heller, TechTarget
-
News
24 Mar 2017
Encryption debate needs to be nuanced, FBI's Comey says
FBI Director James Comey brought the encryption debate back to the forefront by asking for a 'nuanced and thoughtful' conversation on the topic before there is a serious attack. Continue Reading
By- Michael Heller, TechTarget
-
Podcast
22 Mar 2017
Risk & Repeat: Accused Yahoo hackers indicted
In this episode of SearchSecurity's Risk & Repeat podcast, editors discuss the indictments of the alleged Yahoo hackers and how the attackers minted Yahoo authentication cookies. Continue Reading
By- Rob Wright, Senior News Director
-
News
21 Mar 2017
WikiLeaks' disclosure of CIA hacks comes with requirements
WikiLeaks reportedly made demands of vendors at risk from the Vault 7 CIA hacks, but without knowing what the requirements are, experts are unsure how to react. Continue Reading
By- Michael Heller, TechTarget
-
News
21 Mar 2017
FBI investigating Trump campaign ties to Russia, DNC breach
FBI Director James Comey confirmed the bureau is investigating the Trump campaign's ties to the Russian government and election cyberattacks such as the DNC breach. Continue Reading
By- Rob Wright, Senior News Director
-
News
17 Mar 2017
Will the Yahoo breach indictments be an effective hacker deterrent?
The Department of Justice indicted suspects in the 2014 Yahoo breach, but experts are unsure if this will prove to be an effective hacker deterrent moving forward. Continue Reading
By- Michael Heller, TechTarget
-
Answer
16 Mar 2017
Can CISOs facilitate peace between privacy and information security?
Privacy and information security can often be at odds with each other in enterprises. Expert Mike O. Villegas explains how C-levels can help to get the two to work in harmony. Continue Reading
By- Mike O. Villegas, K3DES LLC
-
News
15 Mar 2017
DOJ indicts suspected Yahoo hackers from Russia; extradition unclear
The U.S. Department of Justice indicted four men -- including two Russian Federal Security Service officers -- accused of being the Yahoo hackers, but only one person was arrested. Continue Reading
By- Michael Heller, TechTarget
-
Podcast
15 Mar 2017
Risk & Repeat: Leak of CIA hacking tools creates confusion
In this episode of SearchSecurity's Risk & Repeat podcast, editors discuss the confusion around WikiLeaks' release of government documents regarding CIA hacking tools. Continue Reading
-
Answer
15 Mar 2017
How can CISOs strengthen communications with cybersecurity staff?
Effective CISO communications are key to fostering a healthy relationship with the cybersecurity staff. Expert Mike O. Villegas reviews some ways to build that relationship. Continue Reading
By- Mike O. Villegas, K3DES LLC
-
Answer
14 Mar 2017
What effect does a federal CISO have on government cybersecurity?
The brief tenure of a federal CISO in the U.S. government recently came to an end. Expert Mike O. Villegas discusses the effect this has on the U.S. cybersecurity posture. Continue Reading
By- Mike O. Villegas, K3DES LLC
-
News
10 Mar 2017
WikiLeaks vows to disclose CIA hacking tools; CIA to investigate
WikiLeaks founder Julian Assange promised to work with vendors to help patch products vulnerable to CIA hacking tools, while the FBI and CIA will investigate the leak. Continue Reading
By- Michael Heller, TechTarget
-
Tip
09 Mar 2017
IoT development and implementation: Managing enterprise security
The CSA's guidelines for secure IoT development can give enterprises an idea of how to evaluate IoT products. Expert Nick Lewis explains the steps enterprises should take. Continue Reading
By -
Podcast
09 Mar 2017
Risk & Repeat: Does the Amazon S3 outage raise security flags?
In this episode of SearchSecurity's Risk & Repeat podcast, editors discuss the recent Amazon Simple Storage Service outage and why the incident may have security implications. Continue Reading
By- Rob Wright, Senior News Director
-
News
08 Mar 2017
Responsible vulnerability disclosure lacking by CIA and WikiLeaks
Experts criticize both WikiLeaks and the CIA for failing responsible vulnerability disclosure around the Vault 7 documents, and question the CIA's use of the VEP. Continue Reading
By- Michael Heller, TechTarget
-
News
08 Mar 2017
Vault 7 CIA hacking weapons include iOS, Android and Windows zero days
WikiLeaks released a massive dump of files it claims to be CIA hacking tools, codenamed Vault 7, which includes iOS and Android zero-day exploits. Continue Reading
By- Michael Heller, TechTarget
-
News
24 Feb 2017
Experts: Government Vulnerabilities Equities Process should be law
Experts say codifying the Vulnerabilities Equities Process into law would increase transparency and trust regarding vulnerability disclosure by the government. Continue Reading
By- Michael Heller, TechTarget
-
Blog Post
24 Feb 2017
RSA Conference 2017: Are software regulations coming for developers?
Security expert Bruce Schneier said programmers' freedom to code whatever they want will likely come to an end. Should the industry brace itself for software regulations? Continue Reading
By- Rob Wright, Senior News Director
-
Podcast
22 Feb 2017
Risk & Repeat: RSA Conference 2017 highlights and trends
In this episode of SearchSecurity's Risk & Repeat podcast, editors recap RSA Conference 2017 and discuss how the show addressed many security problems, but had very few answers. Continue Reading
By- Rob Wright, Senior News Director
-
News
22 Feb 2017
Understanding of security remediation differs for CISOs, researchers
One expert warned there can be a disconnect between what security remediation means to CISOs and what researchers announce because of divergent objectives. Continue Reading
By- Michael Heller, TechTarget
-
News
16 Feb 2017
Experts debate national cybersecurity policy suggestions at RSAC 2017
Experts at RSAC 2017 discussed national cybersecurity policy suggestions for the new presidential administration, including what to do about encryption and the DHS mission. Continue Reading
By- Michael Heller, TechTarget
-
Tip
16 Feb 2017
Intrusion response plans: Tales from front-line IT support
The right intrusion response training can make all the difference in data breach prevention. Expert Joe Granneman provides a real-world example from which enterprises can learn. Continue Reading
By- Joseph Granneman, Illumination.io
-
Answer
16 Feb 2017
How does a security portfolio help an enterprise security program?
A security portfolio shouldn't be used as an alternative to a reporting structure, but it can still be beneficial to enterprises. Expert Mike O. Villegas explains how. Continue Reading
By- Mike O. Villegas, K3DES LLC
-
News
16 Feb 2017
RSA Conference speakers tackle tech immigration reform, travel ban
Several speakers made pro-immigration remarks at RSA Conference 2017 and called for tech immigration reform following President Trump's controversial executive order. Continue Reading
By- Rob Wright, Senior News Director
-
News
15 Feb 2017
Upcoming cybersecurity executive order leaves RSAC experts optimistic
Experts at RSAC 2017 discussed the upcoming cybersecurity executive order from the new presidential administration and how the NIST Framework strengthens the plan. Continue Reading
By- Michael Heller, TechTarget
-
News
15 Feb 2017
Do IoT security risks require new legislation or will standards suffice?
In a panel discussion about current IoT security risks, experts at RSA Conference 2017 weigh government legislation options against industry self-regulation. Continue Reading
By- Peter Loshin, Former Senior Technology Editor
-
News
15 Feb 2017
Bruce Schneier: It's time for internet-of-things regulation
Speaking at RSA Conference 2017, security expert Bruce Schneier called for the creation of a new government agency to oversee internet-of-things regulation. Continue Reading
By- Rob Wright, Senior News Director
-
Answer
15 Feb 2017
What are the pros and cons of hiring a virtual CISO?
A virtual CISO is a good option for smaller organizations that want stronger security leadership, but don't have the budget. Expert Mike O. Villegas discusses the pros and cons. Continue Reading
By- Mike O. Villegas, K3DES LLC
-
News
15 Feb 2017
State-sponsored hacking needs to stop, says Congressman McCaul
Rep. Michael McCaul took a harsh stance on Russian state-sponsored hacking at RSA Conference 2017 and pushed the U.S. government to do more to stop such attacks. Continue Reading
By- Rob Wright, Senior News Director
-
News
14 Feb 2017
RSA panel covers cryptography trends, elections and more
Panel at RSAC on cryptography trends offers views on AI's coming domination of cybersecurity, quantum computing and quantum cryptography, politics and elections and more. Continue Reading
By- Peter Loshin, Former Senior Technology Editor
-
News
14 Feb 2017
Ramzan advocates collaborative security in RSAC keynote
Zulfikar Ramzan opens RSA Conference 2017 by reminding enterprises that just as cyberattacks have long-tail repercussions, so too do collaborative security decisions made in business. Continue Reading
By- Michael Heller, TechTarget
-
News
14 Feb 2017
RSA President Rohit Ghai details new cybersecurity platform at RSAC 2017
Michael Dell introduces RSA's newly appointed president, Rohit Ghai, who is set to lead the cybersecurity firm as it implements its new Business Driven Security platform. Continue Reading
By- Peter Loshin, Former Senior Technology Editor
-
News
14 Feb 2017
Nation-state cyberattacks rising, warns former NSA director
Speaking at RSA Conference 2017, former NSA Director Keith Alexander warned of increased nation-state cyberattacks and called for an overhaul of U.S. government cybersecurity. Continue Reading
By- Rob Wright, Senior News Director
-
Answer
13 Feb 2017
Who should be on an enterprise cybersecurity advisory board?
What qualifications does a cybersecurity advisory board member need to best serve enterprises? Expert Mike O. Villegas outlines the most helpful backgrounds for board members. Continue Reading
By- Mike O. Villegas, K3DES LLC
-
News
10 Feb 2017
Trump tells White House cybersecurity officer, 'You're fired'
Rumors have been confirmed that President Trump has fired the White House cybersecurity officer in charge of making sure he and his staff are not hacked. Continue Reading
By- Michael Heller, TechTarget
-
News
10 Feb 2017
NSA contractor indicted for stealing elite cyberweapons over 20 years
The NSA contractor accused of stealing elite cyberweapons over the course of 20 years, but his connection to the Shadow Brokers auction of similar hacking tools is still unclear. Continue Reading
By- Michael Heller, TechTarget
-
News
09 Feb 2017
IoT security threat to become real post-Mirai at RSA Conference 2017
IoT security tops the list of RSA Conference 2017 submissions after IoT devices were abused by threat actors, but the topics experts worry about are much more far-reaching. Continue Reading
By- Michael Heller, TechTarget
-
Tip
09 Feb 2017
How to organize an enterprise cybersecurity team effectively
The structure of an enterprise's cybersecurity team is important for ensuring it's as effective as possible. Expert Steven Weil outlines strategies for setting up a security group. Continue Reading
By- Steven Weil, Point B
-
News
07 Feb 2017
Google to appeal after loss in cloud data privacy case
Further battle over cloud data privacy is imminent, as a court decides against Google and declines to consider Microsoft's recent appeal victory as precedent. Continue Reading
By- Peter Loshin, Former Senior Technology Editor
-
News
03 Feb 2017
Experts debate effects of government cybersecurity executive order
A leaked version of a draft of a government cybersecurity executive order from President Trump has experts debating the effects such an order would have. Continue Reading
By- Michael Heller, TechTarget
-
News
02 Feb 2017
Pentagon hack possible due to bad vulnerability management
A researcher finds unpatched flaws in DOD systems that may have already allowed a Pentagon hack, and the government is doing nothing to remediate the issue. Continue Reading
By- Michael Heller, TechTarget
-
News
31 Jan 2017
RSA Conference 2017 "not impacted" by Trump's executive order
RSA Conference 2017 hasn't been affected by President Trump's recent executive order, but the travel ban has still send shockwaves through the tech industry. Continue Reading
By- Rob Wright, Senior News Director
-
News
31 Jan 2017
RSAC 2017 Innovation Sandbox highlights top 10 cyber startups
RSAC 2017: Innovation Sandbox competition pits this year's top 10 cybersecurity startups against each other in a bid to win top honors as most innovative. Continue Reading
By- Peter Loshin, Former Senior Technology Editor
-
Conference Coverage
30 Jan 2017
RSA 2017: Special conference coverage
Follow breaking news from the SearchSecurity team at RSA 2017 in San Francisco to learn the latest developments in the information security industry. Continue Reading
-
News
27 Jan 2017
Americans split on federal government security, encryption attitudes
News roundup: Half of Americans don't trust federal government security. Plus, a Kaspersky Lab manager was arrested; an internal DOD network was found vulnerable; and more. Continue Reading
By- Madelyn Bacon, TechTarget
-
Tip
26 Jan 2017
When not to renew a vendor contract due to security issues
Opting out of a vendor contract for security reasons can be a tough decision for CISOs. Expert Mike O. Villegas discusses how NASA handled the situation and what CISOs can do. Continue Reading
By- Mike O. Villegas, K3DES LLC
-
News
23 Jan 2017
SEC to investigate the Yahoo breach disclosures
The SEC has requested more information for potential cases concerning whether the Yahoo breach disclosures could have come sooner. Continue Reading
By- Michael Heller, TechTarget
-
News
20 Jan 2017
Future of the federal CISO position in question as Touhill steps down
Retired Brig. Gen. Gregory Touhill stepped down as the federal CISO, leaving questions surrounding the future of the position and the work he has done. Continue Reading
By- Michael Heller, TechTarget
-
Answer
12 Jan 2017
What effect does FITARA have on U.S. government cybersecurity?
FITARA became a law in 2014, but government cybersecurity continues to struggle. Expert Mike O. Villegas discusses the effects of the law. Continue Reading
By- Mike O. Villegas, K3DES LLC
-
Podcast
12 Jan 2017
Risk & Repeat: CES Cybersecurity Forum tackles passwords, IoT
In this episode of SearchSecurity's Risk & Repeat podcast, editors highlight the topics discussed at the CES Cybersecurity Forum, as well as new technologies showcased at the event. Continue Reading
By- Rob Wright, Senior News Director
-
Answer
10 Jan 2017
What are the potential pros and cons of a Cyber National Guard?
A congressman proposed adding a Cyber National Guard to the military to protect the U.S. from cyber adversaries. Expert Mike O. Villegas examines the potential drawbacks of this branch. Continue Reading
By- Mike O. Villegas, K3DES LLC
-
Security School
10 Jan 2017
Privileged access management and security in the enterprise
This Security School explores the important steps enterprises need to take when managing privileged access accounts to prevent credential abuse and security incidents. Continue Reading
-
Answer
09 Jan 2017
Are investigations crucial to data breach protection?
SWIFT banking has a team dedicated to data breach investigations. Expert Mike O. Villegas discusses why this is necessary and whether other organizations should follow suit. Continue Reading
By- Mike O. Villegas, K3DES LLC
-
Tip
05 Jan 2017
The dangers of using security policy templates in the enterprise
Among other drawbacks, using security policy templates can make compliance audits and breach assessments harder for enterprises. Expert Joseph Granneman explains why they're risky. Continue Reading
By- Joseph Granneman, Illumination.io
-
Tip
04 Nov 2016
Information security risk management: Understanding the components
An enterprise has to know what risks it is facing. Expert Peter Sullivan explains why an information security risk management plan is crucial for cybersecurity readiness. Continue Reading
-
Tip
02 Nov 2016
Cloud DDoS protection: What enterprises need to know
DDoS attacks are a continuing problem, and enterprises should consider using cloud DDoS protection services. Expert Frank Siemons discusses the cloud options. Continue Reading
By- Frank Siemons, RedSec