Security risk management News
October 05, 2016
Everyone wants to contribute to open source projects, but few consider the risks. Salesforce evangelist James Ward outlines the legal and security risks involved.
September 21, 2016
In this Risk & Repeat podcast, SearchSecurity editors discuss the recent OPM breach report from Congress and what it means for the state of federal government cybersecurity.
September 07, 2016
While President Obama said we can still defuse a potential cyber arms race, some experts believe we are already in such a competition, or already past it and in open conflict.
July 27, 2016
Problems with LastPass security might have been improperly disclosed, putting user passwords at higher risk, but the flaws have already been fixed, with an update rolling out now.
Security risk management Get Started
Bring yourself up to speed with our introductory content
Access governance (AG) is an aspect of information technology (IT) security management that seeks to reduce the risks associated with excessive access rights, inactive users and orphan accounts.
Data breach compensation amounts often fall short of covering the actual damages, especially in a cloud breach. Expert Frank Siemons discusses data breach settlement options.
The Android Trojan Triada has the ability to replace a device's system functions with its own. Expert Michael Cobb explains how to mitigate the effects of this serious threat.
Evaluate Security risk management Vendors & Products
Weigh the pros and cons of technologies, products and projects you are considering.
The proposed CFTC regulations on cybersecurity testing are set to finalize in 2016. Expert Mike Chapple discusses the effects these regulations have on IT-reliant trading firms.
Before using open source security software, enterprises should consider the security risks. Expert Mike O. Villegas discusses what to do before using open source software.
Sometimes security teams fall into 'set and forget' habits with security automation. Expert Mike O. Villegas explains how to take advantage of automation while staying secure.
Manage Security risk management
Learn to apply best practices and optimize your operations.
Communicating cybersecurity issues to a board of directors can be challenging. Expert Mike O. Villegas discusses whether a cybersecurity expert on the board would ease the struggle.
ICIT Fellow Robert Lord discusses the exploitation of protected health information on the deep web and gives cybersecurity tips on how to best protect these valuable records.
In this Risk & Repeat podcast, SearchSecurity talks with James Plouffe, lead solutions architect at MobileIron and a technical advisor for the television series 'Mr. Robot.'
Problem Solve Security risk management Issues
We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.
Threat-related metrics that CISOs find useful often differ from what the C-suite wants to know. Here's how to communicate risk -- and return -- on cloud security investments.
Consultant Nick Merkin explains why a lack of security awareness is a threat to protecting medical imaging systems and how organizations can educate staff to mitigate risks.
Trusted certificate authorities are essential in today's business climate, but that doesn't mean they are easy to come by. Certificate authority risks are many, certainly, but this three-part technical guide is designed to make plain the challenges and then offer advice on how infosec pros can increase the security of trusted certificate authorities in their enterprise. It opens with a review of a recent study on expert perceptions of CA security risks and where the key dangers lie that could expose businesses to breaches. It explores the overall subject of increasing CA security but also delves into specific security concerns, including the security risks inherent in mobile certificates. Among the potential approaches to raising CA security examined in this publication are the advantages of SSL certificate subscription services.
IT professionals who study this publication will gain a deeper insight into the nature of certificate authorities, when they can be trusted and how to tackle security weaknesses in them. Readers will also acquire essential knowledge of the latest tools and techniques to make CAs used in their enterprises as safe and secure as possible.