SearchSecurity
New & Notable
Shopify discloses data breach caused by insider threats
Canadian ecommerce company Shopify disclosed a data breach involving two insider threats, but questions remain about the breach and how it was discovered.
Manage
3 key cybersecurity team positions to add in 2021
Having the right cybersecurity team in place can help reduce how long it takes to control threats. Consider adding cloud security, third-party risk and digital ethics specialists.
Manage
Cybersecurity governance: A path to cyber maturity
All organizations need cybersecurity governance programs so that every employee understands and is aware of cybersecurity mitigation efforts to reduce cyber risks.
Manage
7 ways to augment enterprise SOCs with AI
Implementing SOC automation can have far-reaching benefits for an organization's infosec program and security culture. Learn how by exploring these seven use cases of AI in SOCs.
Download: Your Complete Guide to IAM
Utilize this 66-page IAM guide to help you stay on top of the latest best practices and techniques. Security expert Michael Cobb explores the risks and rewards of biometrics measures and multifactor authentication, how organizations can assess if it is time to modernize IAM strategies, and much more.
Trending Topics
-
Emerging threats News
Gartner: Paying after ransomware attacks carries big risks
The average cost of a ransomware payment in Q1 2020 was $178,254, according to a session at Gartner's Security & Risk Management Summit -- and that doesn't include downtime cost.
-
Windows security News
'SigRed' alert: Experts urge action on Windows DNS vulnerability
Experts are urging organizations to take immediate action on SigRed, a 17-year-old Windows DNS server vulnerability discovered by Check Point Research and patched by Microsoft.
-
PCI DSS Evaluate
Explore the next-generation firewall marketplace
Explore some of the top NGFWs currently on the market -- based on features and user reviews -- to help you make a buying decision
-
Encryption technology Get Started
Inside format-preserving encryption methods
With format-preserving encryption, a ciphertext's format is the same as its plaintext's. Read up on the benefits of this cryptography method, NIST FPE methods, vendors and more.
-
Security industry trends News
Gartner: Securing remote workforce a top priority
In a COVID-19 pandemic world with new security threats and risks emerging, Gartner analysts discussed the urgency of securing access and devices for remote employees.
-
CISSP Get Started
Take this CISSP practice test before the final exam
Test your knowledge and preparedness for the CISSP exam with 16 questions taken directly from the latest 'CISSP All-in-One Exam Guide' from McGraw Hill.
Topics Covered
-
Data security technology and strategy (5) +
-
Enterprise identity and access management (8) +
-
Enterprise network security (9) +
- DDoS attack detection and prevention
- Endpoint protection and client security
- IoT security issues
- IPv6 security and network protocols security
- Network Access Control technologies
- Network device security: Appliances, firewalls and switches
- Secure remote access
- Software-defined security best practices
- VPN security
-
Information security certifications, training and jobs (2) +
-
Information security program management (7) +
- Government information security management
- Information security incident response
- Information security laws, investigations and ethics
- Information security policies, procedures and guidelines
- Security automation systems, tools and tactics
- Security industry market trends, predictions and forecasts
- Security vendor mergers and acquisitions
-
Information security risk management (3) +
-
Information security threats (5) +
-
Network threat detection (4) +
-
Platform security (3) +
-
Security audit, compliance and standards (4) +
-
Software and application security (9) +
- Application attacks (buffer overflows, cross-site scripting)
- Application firewall security
- Database security
- Microsoft Patch Tuesday and patch management
- Open source security tools and software
- Productivity apps and messaging security
- Secure SaaS: Cloud application security
- Secure software development
- Social media security risks
-
Web security tools and best practices (3) +
-
Wireless and mobile security (4) +
Featured Authors
Find Solutions For Your Project
-
Evaluate
How secure is a site-to-site VPN tunnel?
Not every enterprise needs the functionality of a standard VPN client. A site-to-site VPN may be a better choice for some companies, but it's not without risk.
-
The enterprise case for zero trust
-
Security's new normal focuses on remote work
-
How security champions can help, despite working remotely
-
-
Problem Solve
Application codebase update security best practices
Codebase updates are critical, but what about when they introduce vulnerabilities? These three steps will help app developers secure codebase updates and keep their apps safe.
-
Top AI security concerns for IT leaders
-
Making cybersecurity hygiene a shared responsibility
-
Being secure by design requires proper principles
-
-
Manage
Cybersecurity governance: A path to cyber maturity
All organizations need cybersecurity governance programs so that every employee understands and is aware of cybersecurity mitigation efforts to reduce cyber risks.
-
7 ways to augment enterprise SOCs with AI
-
Why hiring managers must write inclusive infosec job descriptions
-
Federal Information Security Management Act (FISMA)
-
-
E-Zine | August 2020
Cybersecurity education for employees: Learn what works
Download -
E-Handbook | May 2020
How to get actionable threat intelligence from tech tools
Download -
E-Zine | May 2020
Why CISOs need advanced network security strategies now
Download -
E-Handbook | April 2020
Employ AI for cybersecurity, reap strong defenses faster
Download -
E-Handbook | March 2020
How to implement a strong COVID-19 cybersecurity plan
Download
Information Security Basics
-
Get Started
SOC teams: Who they are, what they do
Review the key players in the 2020 SOC and their specific responsibilities, as well as best practices to ensure effective teamwork for a secure organization.
-
Get Started
Inside format-preserving encryption methods
With format-preserving encryption, a ciphertext's format is the same as its plaintext's. Read up on the benefits of this cryptography method, NIST FPE methods, vendors and more.
-
Get Started
Federal Information Security Management Act (FISMA)
The Federal Information Security Management Act (FISMA) is United States legislation that defines a framework of guidelines and security standards to protect government information, operations and assets.
Multimedia
-
Problem Solve
Top AI security concerns for IT leaders
-
-
Vendor Resources
- Automated Breach and Attack Simulation Webcast –Webcast
- Take the Next Step in Cloud Security –Webcast
- Putting the Trust in Zero Trust –White Paper
Blog: Security Bytes
-
Google focuses more on steering the Android ship than righting it
Google's security and privacy upgrades to Android are mostly forward-thinking changes, readying for a future that is inevitable but unclear, rather than ways to improve security today.Continue Reading
-
At RSAC 2019, speculative execution threats take a back seat
The Meltdown and Spectre vulnerabilities loomed large last year, but RSAC 2019 will have little fodder on speculative execution threats and side channels attacks.Continue Reading
-
More Security Bytes Posts
Marriott Starwood data breach notification de-values customers
Are US hacker indictments more than Justice Theater?
Breaking down Dell's "potential cybersecurity incident" announcement
-
News
View All -
Government information security management
FBI: Disinformation attacks on election results 'likely'
Foreign threat actors and cybercriminals are "likely" to spread disinformation around 2020 election results through social media and also alter election-related websites.
-
Penetration testing, ethical hacking and vulnerability assessments
ConnectWise launches bug bounty program to boost security
ConnectWise, which provides remote management software to MSPs, partnered with HackerOne in its first bug bounty program, which is part of a larger strategy to improve security.
-
Government information security management
Cyber attacks on schools increasing amid remote learning shift
The pandemic forced schools to make a quick transition to remote learning with little resources and weak security postures, and threat actors have increased their attacks.
SearchSecurity Definitions
- Federal Information Security Management Act (FISMA)
- CISO as a service (vCISO, virtual CISO, fractional CISO)
- access control
- advanced persistent threat (APT)
- biometrics
- zero-day (computer)
- PCI DSS 12 requirements
- vulnerability assessment (vulnerability analysis)