Manage

Manage

Learn to apply best practices and optimize your operations.

• Fannie Mae CISO calls for more data on security incidents

  Chris Porter's years as a lead analyst and author of Verizon's Data Breach Investigations Report helped prepare him for the chief of security role at the primary housing lender. Continue Reading

• Not enough information security analysts, despite higher wages

  Survey data on global skills shortages does not show significant changes, even as companies turn to strategies such as security automation to make security teams more efficient. Continue Reading

• Overwhelmed by security data? Science to the rescue

  Security teams increasingly use large data sets from their networks to find hidden threats. Why companies should embark on their own data science and machine learning initiatives. Continue Reading

• Why third-party access to data may come at a price

  Google and other platform companies dangled not only APIs but access to user data from unwitting customers to attract third-party developers and other partners. Continue Reading

• Citrix's Peter Lefkowitz on impact of GDPR privacy requirements

  New consumer privacy laws are changing the global privacy landscape. Citrix's Peter Lefkowitz explains how Citrix is approaching GDPR compliance and privacy issues in general. Continue Reading

• Powerhammering: Can a power cable be used in air-gapped attacks?

  Air-gapped computers subject to PowerHammer attack: Proof-of-concept attack enables data exfiltration through control of current flow over power cables.Continue Reading

• How to identify and protect high-value data in the enterprise

  Protecting data in the enterprise is a crucial but challenging task. Expert Charles Kao shares key steps and strategies to consider to identify and protect high-value data.Continue Reading

• Cisco's chief privacy officer on the future of data after GDPR

  Michelle Dennedy, vice president and chief privacy officer at Cisco, discusses her company's approach to meeting the requirements of the EU's General Data Protection Regulation.Continue Reading

• Bouncy Castle keystore: How are files vulnerable to brute force?

  BKS files are being exposed to hash collisions, enabling hackers to use brute force attacks against C# and Java applications. Learn how this occurs and possible solutions with Judith Myerson.Continue Reading

• How did a Navarino Infinity flaw expose unauthenticated scripts?

  Navarino Infinity, a satellite communication system, found and fixed a flaw that exposed an unauthenticated script. Discover what threats this flaw enabled with Judith Myerson.Continue Reading

• Trojan.AndroidOS.Loapi: What is this jack-of-all-trades malware?

  Kaspersky researchers found a new Android malware that can physically harm phones. Learn how this works and the steps to mitigate the attack with expert Nick Lewis.Continue Reading

• Zealot campaign: How is the Apache Struts vulnerability used?

  The Zealot campaign discovered by F5 Networks uses the same Apache Struts vulnerability exploited in the Equifax breach. Learn how else it performs cryptomining with Nick Lewis.Continue Reading

• An introduction to ICS threats and the current landscape

  ICS threats have become more prevalent, so the need for organizations to understand the risks has grown. Expert Ernie Hayden explains what enterprises need to know.Continue Reading

• Spider ransomware: How do ransomware attacks differ?

  Spider ransomware has been found spreading malicious files via a phishing campaign that gives victims a 96-hour deadline. Learn how this attack is similar to past attacks with Nick Lewis.Continue Reading

• Drupalgeddon 2.0: Why is this vulnerability highly critical?

  A recently discovered Drupal vulnerability in its open source CMS allowed attackers to control websites. Learn how almost one million sites were affected with Michael Cobb.Continue Reading