Latest

►

Artificial Intelligence & Machine Learning

AI's Impact on SOC Maturity

Tom Field  •  February 28, 2020

From buzzword to practical application, artificial intelligence quickly has made an impact in cybersecurity - particularly in the security operations center. Bryce Schroeder of ServiceNow projects how AI and automation will continue to influence SOCs - and the analyst's role.

►

Next-Generation Technologies & Secure Development

The Role of Visualization in Vulnerability Management

Tom Field  •  February 28, 2020

Threat intelligence and visualization technology can play huge roles in improving vulnerability management. Mieng Lim of Digital Defense outlines the potential benefits.

►

Governance & Risk Management

Zero Trust: Definitions, Practicalities, Challenges

Mathew J. Schwartz  •  February 28, 2020

Zero trust is not a product or a destination, but rather a journey requiring organizations to practice good security hygiene, continuous monitoring and detection, as well as rapid incident response backed by high levels of automation, says Shehzad Merchant, chief technology officer of Gigamon.

►

Incident & Breach Response

'Have We Been Compromised?'

Tom Field  •  February 28, 2020

At the core of cybersecurity, every leader has just one ultimate question: 'Have we been compromised?" And yet that remains the most difficult question to answer with certainty, says Ricardo Villadiego, CEO of Lumu Technologies.

Endpoint Security

Report: FCC to Fine US Carriers Over Location Data Sales

Jeremy Kirk  •  February 28, 2020

The FCC reportedly is close to fining U.S. mobile carriers, including AT&T, Sprint, T-Mobile and Verizon, for improperly selling real-time mobile phone location data.

Fraud Management & Cybercrime

RSA 2020: Roundup of Key Themes

Nick Holland  •  February 28, 2020

This special edition of the ISMG Security Report focuses exclusively on the RSA 2020 conference. Featured are comments from former NSA Director Keith Alexander on "collective defense," plus a discussion on fighting payment fraud and a roundup of other important themes.

Governance & Risk Management

Israeli Marketing Company Exposes Contacts Database

Jeremy Kirk  •  February 27, 2020

An Israeli marketing company left the authentication credentials for a database online, exposing more than 140 GB worth of names, email addresses and phone numbers. The exposure was found by a U.S.-based security specialist who became frustrated after receiving unwanted marketing messages over SMS.

►

Cloud Security

Why The Cloud Is The New Network

Nick Holland  •  February 27, 2020

Barracuda Networks has released the findings of its latest survey on public cloud security. Fleming Shi, the company's chief technology officer, describes what is holding organizations back from fully embracing the public cloud.

►

Analytics

The Ongoing Search for Indicators of Behavior

Tom Field  •  February 26, 2020

Indicators of compromise are important. But what if you could also detect patterns of behavior that tip you off before a crime? This is where Cybereason's Sam Curry is trying to shift the focus.

►

Security Operations

Mitigating Threats to Operational Technology

Tom Field  •  February 26, 2020

Digital convergence is driving a shift in the security landscape for operational technology. Fortinet's Jonathan Nguyen-Duy discusses the manifestations of this shift and how to address them.

►

Governance & Risk Management

Security and Privacy: Often Aligned, But Sometimes Not

Mathew J. Schwartz  •  February 26, 2020

Not so long ago, many were confused about how security and privacy differ, but that has been rapidly changing, thanks to regulations such as the European Union's General Data Protection Regulation and California's Consumer Privacy Act, says attorney James Shreve, a partner at Thompson Coburn LLP.

►

Training & Security Leadership

Reducing Security Complexity a Top Challenge for CISOs

Mathew J. Schwartz  •  February 26, 2020

Reducing security complexity remains one of the toughest challenges facing CISOs, driven by the non-stop increase in threats, says Jeff Reed of Cisco. Creating a sustainable solution will require advances in vendor interoperability, as well as automation and visibility, he says.