Expert analysis
PSD2 and strong customer authentication: Are all elements equal?
The European Payment Services Directive 2 (PSD2), introduced in January 2018, contains the requirement for additional security features for certain online transactions. These …
Supply chain attacks: Mitigation and protection
In software development, a supply chain attack is typically performed by inserting malicious code into a code dependency or third-party service integration. Unlike typical …
Hacking our way into cybersecurity for medical devices
Hospitals are filled with machines connected to the internet. With a combination of both wired and wireless connectivity, knowing and managing which devices are connected has …
SEC demands better disclosure for cybersecurity incidents and threats
As companies increasingly rely on networked systems and on the Internet, cybersecurity threats have grown. Companies that fall victim to a successful cyberattack incur …
GE trade secret theft case demonstrates need for document behavior monitoring
A former GE engineer and a Chinese national have been formally charged with 14 counts of economic espionage by the U.S. Department of Justice after stealing trade secrets from …
Best practices when implementing SD-WAN
Telecoms is an overall complex business – delivering network circuits and optimizing connections – but SD-WAN has its own very specific set of obstacles. SD-WAN involves many …
Too fast, too insecure: Securing Mongo Express web administrative interfaces
Mongo Express is a lightweight web-based administrative interface deployed to manage MongoDB databases interactively. It is authored using Node.js, Express and Bootstrap …
You can’t fix what you can’t see: A new way of looking at network performance
Network performance, or the service quality of a business’ network, is critical to running a successful enterprise. Imagine the cost to an organization when the corporate …
Nearly half of firms suffer data breaches at hands of vendors
As trusted partners, third-party vendors often become the overlooked or unwitting accomplice in criminal activities. As privacy laws and cybersecurity regulations continue to …
The foundation: Quantifying risk with focused security measurement
When you hear “quantify risk,” you might think it’s the buzz-term du jour. You might be right. Risk quantification is a hot topic right now. It seems everyone who touches …
Building a modern data registry: Go beyond data classification
For organizations, understanding what data they store and analyze is gaining increasing urgency due to new privacy regulations, from the Global Data Privacy Regulation (GDPR) …
The perimeter is vanishing, how will you secure your network?
There’s a new reality to network security, driven by the fact that the perimeter is vanishing. The concept of a network being fully enclosed within a building or virtual …
Featured news
Resources
Don't miss
- Webinar: The IT Leader’s Guide to AI Governance
- OpenAI expands its cyber defense program with GPT-5.4-Cyber for vetted researchers
- The exploit gap is closing, and your patch cycle wasn’t built for this
- Coordinated vulnerability disclosure is now an EU obligation, but cultural change takes time
- Legitify: Open-source scanner for security misconfigurations on GitHub and GitLab