Features

Features

Emerging cyberattacks and threats

• What is the future of cybersecurity?

  Remote work is here to stay, so it's time to rethink the short-term fixes made in 2020. What else is in the cards? Here are the trends shaping the future of cybersecurity.  Continue Reading

• Enterprise cybersecurity threats spiked in 2020, more to come in 2021

  After an unprecedented year from an enterprise cybersecurity threat standpoint, security leaders are preparing for growing number and sophistication of attacks in 2021.  Continue Reading

• Cybersecurity new normal needs change in process, CISOs say

  As CISOs face an increasingly remote workforce, they need to confront past security mistakes, while adjusting to cybersecurity's new normal.  Continue Reading

• How cyber warfare laws limit risk on a digital battleground

  Retired Navy cryptologist implores enterprises to build key cyber warfare laws into their infosec strategy to improve survivability on the digital battleground in his new book.  Continue Reading

• The future of cyber warfare requires infosec's attention

  The future of cyber warfare places enterprise security and survivability in the crosshairs. Learn more about cyber warfare threats and capabilities and how infosec can prepare.  Continue Reading

• Guide to preventing coronavirus phishing and ransomware

  Malicious actors are taking advantage of coronavirus fears to wreak havoc on cybersecurity. Check out our guide to learn about phishing and ransomware threats and how to stop them.  Continue Reading

• AI-powered cyberattacks force change to network security

  Companies now face sophisticated enemies using AI and machine learning tools for their attacks. It's a world of new dangers for those defending network systems and data.  Continue Reading

• Mitigating ransomware and phishing attacks during a pandemic

  Where most see crisis, cybercriminals see opportunity. Learn how security leaders can meet the challenges of mitigating ransomware threats and phishing attacks during a pandemic.  Continue Reading

• Cybersecurity impact analysis template for pandemic planning

  This template from IANS Research can help IT and security professionals document and prioritize essential processes, staffing and systems when faced with a pandemic event.  Continue Reading

• Coronavirus phishing scams increase amid pandemic's spread

  Organizations must account for a sharp uptick of coronavirus phishing scams in their pandemic and business continuity plans. Learn about the trend here, with steps for mitigation.  Continue Reading

• Cisco CISO says today's enterprise must take chances

  Cisco CISO Steve Martino talks about taking chances, threats, how the security leader's role is changing and what really works when it comes to keeping the company secure.  Continue Reading

• CISOs face a range of cybersecurity challenges in 2020

  Every company is unique, of course, but certain challenges are widely shared. Learn what security concerns other CISOs and security leaders are focused on in 2020.  Continue Reading

• Threat intelligence offers promise, but limitations remain

  Do you know how to use threat intelligence feeds to best effect in your company? Learn what this valuable yet often confusing resource can and can't do for cybersecurity.  Continue Reading

• 'Computer Security Fundamentals:' Quantum security to certifications

  New topics, from security engineering to quantum computing, are covered in 'Computer Security Fundamentals,' but the book's author suggests readers review some basic topics, too.  Continue Reading

• Designing the future of cyber threat intelligence sharing

  Attendees at the ACSC conference strategized about what ideal threat intelligence sharing looks like. Learn more about the future of collaborative cyberdefense.  Continue Reading

• Rise in ransomware attacks prompts new prevention priorities

  Officials predict that already widespread ransomware attacks will only grow in scale and influence, while urging organizations to act now to guard against them.  Continue Reading

• AI for good or evil? AI dangers, advantages and decisions

  Good guys and bad guys both use AI, but the bad guys don't need to worry about complying with rules and regulations. What can security leaders do to level the playing field?  Continue Reading

• New evasive spear phishing attacks bypass email security measures

  Researchers identified a new email security threat: evasive spear phishing attacks, which take months of investigation and social engineering to coordinate.  Continue Reading

• Lack of cybersecurity skills fuels workforce shortage

  Cybersecurity researcher Bob Duhainy discusses the cybersecurity skills shortage and provides suggestions about how companies can close the gap to avoid future risk.  Continue Reading

• Quantum computers mean cryptography needs to change, and soon

  As quantum computing gains momentum with practical quantum computers due to come online as early as next year, concerns about post-quantum cryptography are pushed to the forefront.  Continue Reading

• Cisco engineer: Why we need more women in cybersecurity

  Progress on the cybersecurity gender gap has been slow but steadier recently. Cisco engineer Michele Guel explains how to hack the gender gap.  Continue Reading

• Cybersecurity skills shortage prompts new hiring approach

  Hiring managers are widening the pool of candidates in response to the cybersecurity skills shortage. Learn how a parks and recreation background can be an asset in threat hunting.  Continue Reading

• How does an island hopping attack work?

  Hackers know better than to directly attack a well-defended target; learn how they use island hopping attack strategies to elude defenders -- and how best to repel them.  Continue Reading

• Huawei ban highlights 5G security issues CISOs must tackle

  Why worry over Huawei? A U.S. ban of this Chinese company's products should remind CISOs that now is the time to consider security issues related to the rollout of the 5G network.  Continue Reading

• USB attacks: Big threats to ICS from small devices

  USB devices can carry malware that can wreak havoc on industrial control systems. Expert Ernie Hayden explores the history of USB attacks and possible mitigations.  Continue Reading

• Top 10 CISO concerns for 2019 span a wide range of issues

  From dealing with data and staffing shortages to adapting to an ever-expanding set of job responsibilities, CISOs face an array of serious issues in 2019.  Continue Reading

• Cyber NYC initiative strives to make New York a cybersecurity hub

  New York City officials have launched Cyber NYC, a multifaceted initiative to grow the city's cybersecurity workforce while helping companies drive cybersecurity innovation.  Continue Reading

• Illumio: Subtle data manipulation attacks pose serious threats

  Illumio CTO P.J. Kirner discusses the threat of data manipulation and explains why subtle, hard to detect attacks could have devastating effects on enterprises.  Continue Reading

• Get the best botnet protection with the right array of tools

  Enterprise anti-botnet defenses, to be effective, must be added in multiple layers. No single security product will do the trick, but the right combo of tools can.  Continue Reading

• Threat Forecasting

  In this excerpt from chapter 1 of Threat Forecasting, authors John Pirc, David DeSanto, Iain Davison, and Will Gragido discuss how to navigate today's threat landscape.  Continue Reading

• Securing SQL Server: Protecting Your Database from Attackers

  In this excerpt from chapter nine of Securing SQL Server, author Denny Cherry discusses why SQL injection attacks are so successful.  Continue Reading

• Cybercrime and Business: Strategies for Global Corporate Security

  In this excerpt from chapter three of Cybercrime and Business, author Sanford L. Moskowitz discusses the effects cybercrime can have on small- and medium-sized businesses.  Continue Reading

• Advanced Persistent Security

  In this excerpt from chapter seven of Advanced Persistent Security, authors Araceli Treu Gomes and Ira Winkler discuss the different threats facing organizations.  Continue Reading

• Learn what breach detection system is best for your network

  Breach detection systems are essential in these days of machine learning and artificial intellingence. Learn how to identify the features and functions your network needs.  Continue Reading

• Looming cloud security threats: How attacks will follow your data

  You can move your data to cloud-based systems and web services, but you can't hide it there. Hackers and predators have more ways to find it.  Continue Reading

• Building a threat intelligence program? How to avoid the 'feed' frenzy

  Cyberthreat intelligence is just data if it is not actionable. We offer tips to help your team focus on relevant CTI for faster threat detection and response.  Continue Reading

• Dissecting the Hack

  In this excerpt from chapter three of Dissecting the Hack: The V3RB0TEN Network, authors Jayson E. Street, Kristin Sims and Brian Baskin discuss Bitcoin and digital currency.  Continue Reading

• Security attack? New defenses in 2016 escape compromise

  Worried that attackers may know your infrastructure better than you do? Cyberthreats are learning fast from defenses that detect them. New strategies focus on what happens next.  Continue Reading

• Emerging security threats you're up against now

  Learn about the 'hacking as a service' and other emerging security threats.  Continue Reading

• Beyond the Page: Advanced Persistent Threats, Ransomware and More

  The era of mobile, cloud and the Internet of Things is also an era of advanced persistent threats, ransomware and more. Here's how to stay secure.  Continue Reading

• New cyberthreats: Defending against the digital invasion

  The confluence of the Internet of Things and bring your own device may turn into a beachhead for attackers.  Continue Reading

• Secure all the (Internet of) Things

  Despite the promise of the Internet of Things, history will repeat itself unless we take action.  Continue Reading

• Antivirus evasion techniques show ease in avoiding antivirus detection

  In the wake of the New York Times attack, a look at antivirus evasion techniques show how easy it is to avoid antivirus detection and why new defenses are needed.  Continue Reading

• Critical infrastructure protection hindered by difficulties, experts say

  Information Security magazine discussed critical infrastructure protection with three experts and explore whether any near-term solutions can be implemented to bolster network defenses.  Continue Reading

• Private market growing for zero-day exploits and vulnerabilities

  Exploitable vulnerabilities are becoming harder to find in popular software, but information on such flaws is increasingly valuable, and many security researchers are no longer willing to give it up for free.  Continue Reading

• Virtual Honeypots: From Botnet Tracking to Intrusion Detection

  In Chapter 11 of Virtual Honeypots: From Botnet Tracking to Intrusion Detection, authors Niels Provos and Thorsten Holz get inside the botnet and reveal some interesting conclusions.  Continue Reading

• Final exam: Web attack prevention and defense

  Discover how much you've learned about Web server security with this final exam on Web attack prevention and defense.  Continue Reading

• Malware: The ever-evolving threat

  The first tip in our series, "How to assess and mitigate information security threats, excerpted from Chapter 3: The Life Cycle of Internet Access Protection Systems of the book The Shortcut Guide to Protecting Business Internet Usage published by ...  Continue Reading

• How to stop spam and email viruses

  Learn how to protect your enterprise from email viruses and other messaging malware.  Continue Reading