Cloud services


  • Risk & Repeat: US accuses Russia of state-sponsored cyberattacks

    In this Risk & Repeat podcast, SearchSecurity editors discuss cyber attribution following the U.S. government's claim that Russia is behind recent state-sponsored cyberattacks.Continue Reading

  • SAP vulnerability: Why didn't the patch work correctly?

    An old SAP vulnerability that enabled remote administrative access was found to be ineffectually patched. Expert Nick Lewis explains how enterprises can secure their systems.Continue Reading

  • Risk & Repeat: Yahoo breach response, security practices criticized

    In this Risk & Repeat podcast, SearchSecurity editors discuss the Yahoo breach and questions and criticism regarding the company's enterprise security practices.Continue Reading

  • How would a cyberattack information database affect companies?

    A proposed cyberattack information database in the U.K. aims to improve cyberinsurance. Expert Mike Chapple explains what collecting data breach information means for U.S. companies.Continue Reading

  • Risk & Repeat: OPM breach report sheds light on infosec failings

    In this Risk & Repeat podcast, SearchSecurity editors discuss the recent OPM breach report from Congress and what it means for the state of federal government cybersecurity.Continue Reading

  • Wireless intrusion prevention systems: A buyer's guide

    In this SearchSecurity buyer's guide, learn why it's important to have a wireless intrusion prevention system to protect your Wi-Fi networks and how to pick the right WIPS product.Continue Reading

  • SMB mobile strategies hit roadblocks

    "Go big or go home" is a common battle cry for people taking on a new challenge, but when it comes to enterprise mobility, some organizations just have to go small. Small and medium-size businesses don't have the capital to buy expensive mobility services, hire in-demand developers or recover from major security breaches. Fortunately, there are some products out there that can help -- and an SMB mobile strategy should focus on security capabilities first and foremost.

    Meanwhile, many larger companies are looking to the top enterprise software vendors for guidance when mobilizing their core business apps. In his column this month, Eric Klein explores how SAP, Oracle, IBM and Microsoft are making moves to help IT tailor essential software for smartphones and tablets. The next steps are ensuring that mobile application code is secure and threat detection software is in place, which Maribel Lopez tackles in her column. This issue's Device Spotlight takes a look at a 2-in-1 tablet from Huawei as the company gains a foothold in the United States. We also look ahead to a few conferences end-user computing pros should consider attending in the final months of the year.

    Continue Reading

  • Risk & Repeat: Voter database hacks trigger election concerns

    In this Risk & Repeat podcast, SearchSecurity editors discuss the recent cyberattacks on state voter databases and what they could mean for this election season.Continue Reading

  • IoT in healthcare: Four attack scenarios and what to do

    As medical devices become increasingly connected to the internet and, therefore, the Internet of Things (IoT), Forrester Research, said in a report that there are four types of attacks healthcare ...Continue Reading

  • Five steps for responding to hospital ransomware attacks

    Hospitals are prime targets for ransomware attacks. Health IT teams must move quickly to identify and isolate a ransomware infection to keep it from spreading.Continue Reading

  • Is the BREACH attack update a threat to Gmail security?

    The BREACH attack has been updated to perform faster data theft. Expert Nick Lewis explains the differences in this attack and the threat level for organizations that use Gmail.Continue Reading

  • DevOps and security? Here's how

    The automation of development and operations processes, known as DevOps, is catching on in project teams and business units across industries. The missing component in many of these high-risk scenarios? Security. To make DevOps and security work together, CISOs need to have ongoing collaboration with developers, automating security checks early in the process and providing them with visibility and feedback. In this issue, early adopters of the DevOps and security model share tips on how to defend the cloud's continuous improvement model.

    Retailers, led by Wal-Mart Stores, Home Depot and the National Retail Federation, contend that the two-factor authentication provided by chip and PIN card technology offers the highest level of security. Financial institutions, led by Visa, MasterCard and the American Bankers Association, say it's the microchip embedded in the card that matters because it combats counterfeit fraud. We look at both sides of the chip and PIN card debate.

    The consequences of a company's failure to stay apprised of data protection laws and to implement best practices can be dire. Organizations may find themselves not only targets of post-breach lawsuits, but on the receiving end of the Federal Trade Commission's scrutiny. By pooling the collective knowledge of the legal and IT security organizations, and by staying on top of requirements and updating them as appropriate, CISOs can cover all of their bases in a comprehensive way. We tell you how to set up the swim lanes of a legal partnership.

    Continue Reading

  • A look at the cloud migration challenges enterprises could face

    One of the most common problems facing organizations is dealing with many cloud migration challenges. Expert Dave Shackleford discusses the challenges and how to deal with them.Continue Reading

  • Information security culture: How enterprises can build and improve it

    Creating and fostering an information security culture isn't easy. Guest contributor Lance Hayden explains how to do it and how to identify signs of improvement.Continue Reading

  • Risk & Repeat: Acer data breach shows payment security shortcomings

    In this Risk & Repeat podcast, SearchSecurity editors discuss the recent Acer data breach and the questions it raises about the company's payment security practices.Continue Reading