Get started

Data Security and Cloud Computing

• Common Body of Knowledge (CBK)

  In security, Common Body of Knowledge (CBK) is a comprehensive framework of all the relevant subjects a security professional should be familiar with, including skills, techniques and best practices. Continue Reading

• Metamorphic virus

  A metamorphic virus is a type of malware that is capable of changing its code and signature patterns with each iteration. Continue Reading

• vulnerability assessment (vulnerability analysis)

  A vulnerability assessment is the process of defining, identifying, classifying and prioritizing vulnerabilities in computer systems, applications and network infrastructures and providing the organization doing the assessment with the necessary ... Continue Reading

• Self-sovereign identity: How will regulations affect it?

  Will laws like GDPR and PSD2 force enterprises to change their identity management strategies? Expert Bianca Lopes talks regulations, self-sovereign identity and blockchain. Continue Reading

• Cybersecurity defense in depth means more than ticking boxes

  F-Secure's Tom Van de Wiele explains the realities of cybersecurity defense in depth, and why companies need to have the right attitude to defend against cyberattacks. Continue Reading

• Definitions to Get Started

  • computer worm
  • Single Sign-On (SSO)
  • Certified Information Systems Auditor (CISA)
  • cybersecurity

  • asymmetric cryptography (public key cryptography)
  • digital signature
  • Trojan horse (computing)
  • time-based one-time password (TOTP)

  View All Definitions

• How to do risk management in cybersecurity using ERM

  Perfect security is impossible, but using risk management in cybersecurity using a range of strategies can significantly reduce your organization’s risk.Continue Reading

• Cyber-risk strategies and models for a post-perimeter age

  Cyber-risky business: The notion of the security perimeter has grown quaint. If a firewall is insufficient, where does IT turn to answers on how to protect assets?Continue Reading

• cyberextortion

  Cyberextortion is a crime involving an attack or threat of an attack coupled with a demand for money or some other response in return for stopping or remediating the attack.Continue Reading

• National Security Agency (NSA)

  The National Security Agency is the official U.S. cryptologic organization of the United States Intelligence Community under the Department of Defense.Continue Reading

• unified threat management (UTM)

  A unified threat management (UTM) system is a type of network hardware appliance, virtual appliance or cloud service that protects businesses from security threats in a simplified way by combining and integrating multiple security services and ...Continue Reading

• Becoming a cybersecurity professional: What are the options?

  A cybersecurity professional has several options for their career path. Expert Ernie Hayden reviews the cybersecurity career track options and what skills are required for each one.Continue Reading

• How the Mirai botnet changed IoT security and DDoS defense

  It seemed that no IoT device was safe from the Mirai botnet when it took down major enterprises and internet infrastructure providers with massive DDoS attacks.Continue Reading

• Software security training: Perspectives on best practices

  Software development training with an emphasis on secure coding can improve enterprise security postures. Steve Lipner of SafeCode discusses different ways to get the job done.Continue Reading

• The time is ripe to implement cybersecurity automation

  Automation is essential to keep up with the speed and potential lethality of threats now. Does automatic feel problematic? Then try to focus on security fundamentals.Continue Reading

• Single sign-on best practices: How can enterprises get SSO right?

  Proper planning is at the top of the list for single sign-on best practices, but it's important to get enterprise SSO implementations off to a good start. Here's how to do it.Continue Reading