The conventional approach to cybersecurity focuses on separating the good from the bad using perimeters, firewalls, containers and other methods. But Corey Williams of Idaptive says that approach is no longer sufficient.
Multi-stage attacks use diverse and distributed methods to circumvent existing defenses and evade detection - spanning endpoints, networks, email and other vectors in an attempt to land and expand. Meanwhile, individual tools including DLP, EDR, CASBs, email security and advanced threat protection are only designed to...
An essential component of protecting payment information is devaluing the data that is transmitted so it's of no use to hackers, says Lance Johnson, executive director of the PCI Standards Security Council.
A proposed settlement in a class action lawsuit filed against ULCA Health in the wake of a 2015 cyberattack affecting 4.5 million individuals stands apart from other settlements because it requires the organization to spend a substantial sum on improving its security, says attorney Steven Teppler.
Buyer beware: A new study shows used USBs offered for sale on eBay and elsewhere may contain a wealth of personal information that could potentially be used for identity theft, phishing attacks and other cybercrimes.
The computer systems the U.S. Department of the Treasury uses to track the nation's debt have serious security flaws that could allow unauthorized access to a wealth of federal data, according to a pair of audits released this week by the Government Accountability Office.
Britain's intelligence establishment warns that Chinese networking giant Huawei's "software engineering and cybersecurity processes" continue to be beset by unresolved "defects" and that improvements promised by the manufacturer have yet to be seen.
Brad Smith, Microsoft's chief legal officer, says Australia's encryption-busting law is causing companies and governments to look elsewhere to store their data. Microsoft hasn't changed it own local operations yet, but other companies say they're no longer comfortable storing data there, he says.
Identifying the data gaps in the rapidly expanding attack surface is critical to allow more sophisticated preventive and response capabilities, says Kory Daniels of Trustwave.
It's been decades now since Steve Katz became the business world's first CISO. Today he is still active in the cybersecurity community and offers his unique perspective on security threats, solutions and the next generation of leaders.
How the country responds to the growing cyberthreats will shape its diplomatic, military and economic power. With the stakes this high, is the U.S. getting it right? Chris Painter, commissioner on the Global Commission on the Stability of Cyberspace and former White House cyber czar, offers his perspective.
At a time when diversity is a key topic within the cybersecurity leadership and workforce, MK Palmore of the FBI says we also need a diversification of skills to help improve breach defense and response.
Many organizations that have numerous digital transformation, cloud migration, app and mobile projects underway lack CISO cybersecurity input, says Emily Mossburg of Deloitte Cyber research.
New studies debut every day in the cybersecurity field. But how does one separate true research from marketing hype? Researchers Wade Baker and Jared Ettinger discuss the distinguishing qualities of credible studies.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing cuinfosecurity.com, you agree to our use of cookies.