SearchSecurity
New & Notable
News
Microsoft to make CCPA the law of the land
Microsoft said it will apply the California Consumer Privacy Act across the nation and extend the law's data privacy protections to customers in all fifty states.
News
Intel patch can't fully stop side-channel attack
Researchers disclosed another variant of the ZombieLoad side-channel attack that affects the newest Intel processors, and also discovered a flaw in the original ZombieLoad patch.
Manage
Using AI and zero trust to prevent insider threats
The risk of insider threat does not discriminate across industry lines. Learn how to build an insider threat management program that combines AI, zero-trust principles and a healthy security culture.
News
Why breach lawsuits are resolved before trial
For all of the talk about data breach class action lawsuits, virtually none of them reach a courtroom. Here's why and how data breach lawsuits almost always end in settlements.
Instant Download: Building an Incident Response Action Plan
77% of organizations admit they don’t have a formal cybersecurity incident response plan (CSIRP) that is applied consistently across the organization, according to IBM. If you’re one of them, here’s everything you need to know about building an efficient incident response action plan.
Trending Topics
-
Emerging threats News
ConnectWise ransomware remediation lacking details
ConnectWise warned that ransomware attacks are targeting open ports for its Automate on-premises application, but the company has offered few details about the nature of the attacks.
-
Windows security Manage
How to bypass a Windows kernel protection feature
Security researchers demonstrated how a new fileless attack technique can bypass a Windows kernel protection feature at Black Hat 2018. Find out how the technique works.
-
PCI DSS Evaluate
Explore the next-generation firewall marketplace
Explore some of the top NGFWs currently on the market -- based on features and user reviews -- to help you make a buying decision
-
Encryption technology Problem Solve
AES encryption vs. DES encryption
Choosing to encrypt confidential data with AES or DES encryption is an important cybersecurity matter. Learn about the important differences between AES and DES.
-
Security industry trends News
What's the dollar value of exposed personal information?
Determining the value of consumers' personal data exposed in a breach can be a challenge. Security and legal experts discuss what factors are involved in the equation.
-
CISSP Get Started
Passing the CISSP exam: How hard is it?
Want to become a CISSP? Here's everything you need to know, such as how difficult the exam is, tips for studying, what's needed to obtain a passing score and more.
Topics Covered
-
Data security technology and strategy (5) +
-
Enterprise identity and access management (8) +
-
Enterprise network security (9) +
- DDoS attack detection and prevention
- Endpoint protection and client security
- IoT security issues
- IPv6 security and network protocols security
- Network Access Control technologies
- Network device security: Appliances, firewalls and switches
- Secure remote access
- Software-defined security best practices
- VPN security
-
Information security certifications, training and jobs (2) +
-
Information security program management (7) +
- Government information security management
- Information security incident response
- Information security laws, investigations and ethics
- Information security policies, procedures and guidelines
- Security automation systems, tools and tactics
- Security industry market trends, predictions and forecasts
- Security vendor mergers and acquisitions
-
Information security risk management (3) +
-
Information security threats (5) +
-
Network threat detection (4) +
-
Platform security (3) +
-
Security audit, compliance and standards (4) +
-
Software and application security (9) +
- Application attacks (buffer overflows, cross-site scripting)
- Application firewall security
- Database security
- Microsoft Patch Tuesday and patch management
- Open source security tools and software
- Productivity apps and messaging security
- Secure SaaS: Cloud application security
- Secure software development
- Social media security risks
-
Web security tools and best practices (3) +
-
Wireless and mobile security (4) +
Featured Authors
Have a question for an expert?
Please add a title for your question
Get answers from your peers on your most technical Information Security challenges.
Meet all of our Information Security experts
-
Michael Heller asks:
What are your organization's best practices patching against side channel attacks for processors?
-
Katie Donegan asks:
What strategies has your organization incorporated into its insider threat management program?
-
Alexander Culafi asks:
Do you think Facebook will be the first class action data breach lawsuit to go to trial? Why or why not?
Find Solutions For Your Project
-
Evaluate
Regulations spur stronger data governance efforts
Some companies have taken steps to improve data governance in anticipation of data privacy rules. Experts discuss the challenges of compliance in a shifting regulatory landscape.
-
Challenges and opportunities in a pen tester career
-
Is a cybersecurity insurance policy a worthy investment?
-
How to choose a cybersecurity insurance provider
-
-
Problem Solve
Hire, recruit and retain during cybersecurity workforce shortage
Learn how companies should adapt to hire, recruit and retain top-notch employees during the current cybersecurity workforce shortage.
-
Liaison officer responsibilities and qualities
-
The human aspect of insider threat risk
-
AES encryption vs. DES encryption
-
-
Manage
Using AI and zero trust to prevent insider threats
The risk of insider threat does not discriminate across industry lines. Learn how to build an insider threat management program that combines AI, zero-trust principles and a healthy security culture.
-
A fresh look at enterprise firewall management
-
Never trust, always verify: Understanding zero trust
-
The intersection of information security and ethics
-
-
E-Zine | November 2019
AI threats, understaffed defenses and other cyber nightmares
Download -
E-Handbook | September 2019
IT/OT convergence is necessary, desirable, but not so simple
Download -
E-Handbook | August 2019
New network traffic analysis tools focus on security
Download -
E-Zine | August 2019
Managing identity and access well unlocks strong security
Download -
Buyer's Guide | July 2019
What secure email gateways can do for your enterprise
Download
Information Security Basics
-
Get Started
spyware
Spyware is a type of malicious software -- or malware -- that is installed on a computing device without the end user's knowledge.
-
Get Started
application whitelisting
Application whitelisting is the practice of specifying an index of approved software applications or executable files that are permitted to be present and active on a computer system.
-
Get Started
Read November’s ISM, then take our quiz for CPEs
Test your grasp of current security topics like AI in cybersecurity and what privacy regulations require. Then receive CPE credit by passing this quiz.
Multimedia
Vendor Resources
- Webinar: Financial Crime –Webcast
- Simplify, Strengthen & Unify Your Security with Zero Trust Access –White Paper
- Protecting Data Capital in Your Organization –White Paper
Blog: Security Bytes
-
Google focuses more on steering the Android ship than righting it
Google's security and privacy upgrades to Android are mostly forward-thinking changes, readying for a future that is inevitable but unclear, rather than ways to improve security today.Continue Reading
-
At RSAC 2019, speculative execution threats take a back seat
The Meltdown and Spectre vulnerabilities loomed large last year, but RSAC 2019 will have little fodder on speculative execution threats and side channels attacks.Continue Reading
-
More Security Bytes Posts
Marriott Starwood data breach notification de-values customers
Are US hacker indictments more than Justice Theater?
Breaking down Dell's "potential cybersecurity incident" announcement
-
News
View All -
Microsoft Patch Tuesday and patch management
Intel patch can't fully stop side-channel attack
Researchers disclosed another variant of the ZombieLoad side-channel attack that affects the newest Intel processors, and also discovered a flaw in the original ZombieLoad patch.
-
Data security breaches
Why breach lawsuits are resolved before trial
For all of the talk about data breach class action lawsuits, virtually none of them reach a courtroom. Here's why and how data breach lawsuits almost always end in settlements.
-
Malware, virus, Trojan and spyware protection and removal
Office 365 users to get better malicious document protection
Microsoft is bringing the Application Guard security container to Office 365 ProPlus this year, which could limit the threat of malicious Office documents for subscribers.