Expert analysis
Risk and the Pareto Principle: Applying the 80/20 rule to your risk management strategy
Enterprises these days are putting more resources into monitoring and managing business risk. And with good reason – in light of a growing number of vulnerabilities and …
DNSSEC: Don’t throw the baby out with the bath water
A recent report raiseed concerns about the abuse of DNSSEC to conduct DDoS attacks. The article reported that DNSSEC-signed domains can be used to conduct reflected DDoS …
Cyber attacks: Hindsight is 20/20, GDPR is even better
The dust is beginning to settle on the EU referendum result. But, while the UK’s departure from the union is set to shake things up for many businesses nationwide, there’s at …
Shadow Brokers, digital attacks, and the escalation of geopolitical conflict
Last week’s data dump by the Shadow Brokers has left many wondering how the US will respond. This is just the latest in a series of politically motivated data breaches often …
A closer look at IT risk management and measurement
In this podcast recorded at Black Hat USA 2016, Casey Corcoran, Partner, FourV Systems, talks about the most significant trends cyber security and risk management. He …
Passwords, biometrics and multi-factor verification: What businesses need to know
Verifying identity is a double headache for small businesses. On the one hand, there’s the question of identity verification within your organization. You need to be sure only …
Access governance holds the security line
We must continue to hold the line, and we are, in this war on information security. We must continue to find our stride and take steps forward in regard to technology …
Continuous security in the web application space
What we’re seeing in the market right now is increased consolidation among vendors. They’re buying each other, more products covering another vendor’s …
Incident response challenge: How to get out of Firefighter Mode
Organizations tend to have the mindset that their IT and security teams should play the role of First Responders on the scene of a security incident. They expect their IT and …
Employee awareness training: Key component of IT security initiatives
IT projects are most effective when they take into account people, processes, and technology. These three components should be addressed concurrently so the organization can …
What’s your security strategy?
In this podcast recorded at Black Hat USA 2016 in Las Vegas, Chris Drake, CEO at Armor, talks about how corporate IT is being stretched thin. They have to tackle the corporate …
CRIME, TIME, BREACH and HEIST: A brief history of compression oracle attacks on HTTPS
The HEIST vulnerability was presented at Black Hat USA 2016 by Mathy Vanhoef and Tom Van Goethem. In this presentation, new techniques were presented that enhanced previously …
Featured news
Resources
Don't miss
- GitHub CISO on security strategy and collaborating with the open-source community
- Chainsaw: Open-source tool for hunting through Windows forensic artefacts
- Time for a change: Elevating developers’ security skills
- Job-seeking devs targeted with fake CrowdStrike offer via email
- January 2025 Patch Tuesday forecast: Changes coming in cybersecurity guidance