Information Security Policies Procedures and Guidelines
- August 07, 2015
In the wake of a major cyberattack, the process of rebuilding IT security can be daunting, but Christina Kubecka has some tips from her experiences with Saudi Aramco after a massive attack in 2012.
- July 30, 2015
Swiss research group modzero disclosed a vulnerability that enabled remote attacks on Xceedium's Xsuite privileged access manager.
- June 23, 2015
More data is thought to be a good thing in terms of threat intelligence, but iSight CEO John Watters says enterprises need to be aware of the quality and context of the data when assessing risk.
- June 12, 2015
News roundup: The call for ubiquitous HTTPS has grown stronger as of late; the White House and Apple are hoping to help push the movement. Plus: The cost of cybersecurity management to rise 38%; a 165% ransomware increase; gender salary gap closes?
- April 29, 2015
At an RSA Conference 2015 session, finance information security officer Steve Winterfeld explained why having complementary IT security and compliance strategies requires leadership buy-in and cooperation.
- April 27, 2015
A new study from network security firm Fortinet shows that enterprise security confidence levels are high despite a lack of comprehensive security measures.
- April 23, 2015
At a roundtable discussion at RSA Conference 2015, security admins pondered what to do about bloated security portfolios.
- April 22, 2015
Cyberliability insurance gains popularity as industry experts warn that, contrary to popular belief, general insurance won't protect against cyberattacks.
- April 22, 2015
At RSA 2015, former federal officials called for better government cybersecurity cooperation between agencies and with the private sector.
- April 09, 2015
Enterprises may be increasingly aware of insider threats and believe they can find and stop them, but a new SANS Institute survey suggests they may be overconfident and lack the necessary insider threat-detection technology.
- March 02, 2015
There's no shortage of new security technology, but enterprise integration is still a major hang-up, says AT&T's chief of security.
- February 26, 2015
According to HP Security Research, threat intelligence best practices can be difficult to implement, and even the most trustworthy sources must be tested for fidelity.
- February 25, 2015
Google's Project Zero has added more leeway to its vulnerability disclosure policy, but industry observers are split on whether 90 days is enough time to fix software flaws, or not enough time to manage a sensitive, resource-intensive process.
- January 23, 2015
A Ponemon Institute report highlights the biggest risks to endpoint security, and what IT professionals plan to do to fight back, including one controversial tactic in malware protection.
- January 21, 2015
The Online Trust Alliance finds that over 90% of data breaches resulting in data loss could have been prevented.