Manage

Manage

Learn to apply best practices and optimize your operations.

• Should a forced password reset be standard after a data breach?

  Yahoo reportedly rejected a forced password reset after numerous data breaches compromised user data. Expert Mike O. Villegas discusses whether this should be a standard practice. Continue Reading

• Dedicated security teams: The pros and cons of splitting focus areas

  Could using dedicated security teams that focus on one area of risk help reduce the attack surface for enterprises? Expert Steven Weil looks at the pros and cons of that approach. Continue Reading

• Totally automatic: Improve DevOps and security in three key steps

  Concerned about DevOps security? Learn three key steps to embedding security into the software development process, including how to improve automation. Continue Reading

• Enterprise scenarios for threat intelligence tools

  Expert contributor Ed Tittel explains which types of organizations need threat intelligence tools as part of a proactive, layered security strategy to protect against threats. Continue Reading

• MSSPs add advanced threats as managed security services gain hold

  Skill shortages and budget constraints have lead some companies to adopt a hybrid approach to managed security. Is it time for CISOs to start looking for 'expertise as a service'? Continue Reading

• The managed security provider comes knocking

  A constantly evolving threat landscape and a deepening skills crisis has more enterprises looking to a managed security service provider for help handling some of their security requirements. The trend is expected to drive strong demand for MSSPs ...Continue Reading

• Sharpen your DDoS detection skills with the right tool

  DDoS detection and prevention tools are more sophisticated than ever. But finding the right one for your company takes studying and asking vendors the right questions.Continue Reading

• IoT development and implementation: Managing enterprise security

  The CSA's guidelines for secure IoT development can give enterprises an idea of how to evaluate IoT products. Expert Nick Lewis explains the steps enterprises should take.Continue Reading

• CJIS Security Policy: How can companies ensure FIPS compliance?

  Companies and government agencies handling criminal justice information need to comply with CJIS Security Policy. Expert Michael Cobb explains the cryptographic modules to use.Continue Reading

• Why authorization management is paramount for cybersecurity readiness

  After enterprise identities are authenticated, an authorization management system should monitor how resources are being used. Expert Peter Sullivan explains how it can work.Continue Reading

• What to consider about signatureless malware detection

  Endpoint security is changing into signatureless malware detection and protection. Expert Matthew Pascucci discusses the transition away from signatures.Continue Reading

• Q&A: IBM's Diana Kelley got an early start in IT, security came later

  How did an editor become a security architect? A fascination with computers sparked a lifelong journey for IBM's executive security advisor.Continue Reading

• MIAX Options CSO on security's role in business continuity

  Faced with the demands of derivatives trading, CSO John Masserini understands the value of aligning controls with business risk. We ask him how he does it.Continue Reading

• Security looks to machine learning technology for a cognitive leg up

  Advances in machine learning technology and artificial intelligence have proven to work well for some information security tasks such as malware detection. What's coming next?Continue Reading

• How to use DNS reverse mapping to scan IPv6 addresses

  Enterprises looking to perform IPv6 address scans can use DNS reverse mapping techniques. In part one of this tip, expert Fernando Gont explains how the process works.Continue Reading

• What global threat intelligence can and can't do for security programs

  Global threat intelligence is a valuable complement to a company's security program, but it can't replace security measures like training and internally collected data.Continue Reading

• How to organize an enterprise cybersecurity team effectively

  The structure of an enterprise's cybersecurity team is important for ensuring it's as effective as possible. Expert Steven Weil outlines strategies for setting up a security group.Continue Reading

• Set up your system for the best network security possible

  The IT pro's job is to ensure the best network security network performance both. Our guide provides solid steps to take right now to achieve both in this age of mobile and the internet of things.Continue Reading

• Recent ransomware attacks: Data shows 50% growth in 2016

  With high sums paid, ransomware gets all the attention. But malware is not the only way that criminals gained control of enterprise systems, a new report shows.Continue Reading

• Role of CISO: FICO enlists CISO in security product management

  As head of FICO's information security program, Vickie Miller's role is wide-ranging.Continue Reading

• Insider Edition: Attaining security for IoT, through discovery, identity and testing

  Ever since the internet of things became a "thing," the potential for abuse has been well documented; how best to achieve security for IoT is not yet clear. This Insider Edition of Information Security magazine tackles that second ...Continue Reading

• Privileged access management and security in the enterprise

  This Security School explores the important steps enterprises need to take when managing privileged access accounts to prevent credential abuse and security incidents.Continue Reading

• Are investigations crucial to data breach protection?

  SWIFT banking has a team dedicated to data breach investigations. Expert Mike O. Villegas discusses why this is necessary and whether other organizations should follow suit.Continue Reading

• The dangers of using security policy templates in the enterprise

  Among other drawbacks, using security policy templates can make compliance audits and breach assessments harder for enterprises. Expert Joseph Granneman explains why they're risky.Continue Reading

• Information Security Science

  In this excerpt from chapter 1 of Information Security Science, author Carl Young discusses information security threats and risk.Continue Reading

• Industrial Network Security

  In this excerpt from chapter 3 of Industrial Network Security, authors Eric D. Knapp and Joel Langill discuss the history and trends of industrial cybersecurity.Continue Reading

• Should one cybersecurity mistake mean the end of a CEO's career?

  In one case, a tenured CEO made one cybersecurity mistake and was fired. Expert Mike O. Villegas discusses whether this sets a precedence for enterprises going forward.Continue Reading

• Should CISOs share the responsibility for a cybersecurity incident?

  CISOs usually take the brunt of the blame when a cybersecurity incident occurs, but should they? Expert Mike O. Villegas details ways CISOs can share the responsibility.Continue Reading

• Meet security goals by avoiding threat intel and analytics mistakes

  Meeting top security goals is only the first step. Get up to speed on how to avoid common pitfalls in the use of threat intelligence and analytics.Continue Reading

• How do the Linux kernel memory protection features on Android work?

  Google has added Linux kernel memory protection and other security measures to the Android OS. Expert Michael Cobb explains how these features work to protect devices.Continue Reading

• High-stakes role of CISO: Scott Howitt, MGM Resorts International

  Many organizations are making the CISO a peer to the CIO or taking the position out of IT altogether, says Howitt, who has held several technology and leadership positions.Continue Reading

• Dedicated CISO job still open to debate

  Almost 20 years after Citicorp decided to hire an executive-level security position dedicated to protecting its banking business, the responsibilities of the CISO job are still unclear to many business executives and open to discussion. Why do some ...Continue Reading

• Is a no-SMS 2FA policy a good idea for enterprises?

  Now that NIST has deprecated the use of SMS 2FA, should nongovernment organizations follow suit? Expert Mike Chapple discusses the risks of SMS-based 2FA to enterprises.Continue Reading

• Are browsers using the HTTP/2 protocol vulnerable to HEIST attacks?

  HEIST, a new HTTP/2 protocol exploit, can steal encrypted content from HTTPS traffic. Expert Michael Cobb explains how this attack works and how to stop it.Continue Reading

• How can users protect mobile devices from SandJacking attacks?

  Attackers can use the SandJacking attack to access sandboxed data on iOS devices. Expert Nick Lewis explains how to protect your enterprise from this attack.Continue Reading

• Preventing trusted users from misusing their privileges

  Users with privileged accounts have the ability to make critical changes to your enterprise system. Find out how to control trusted users and prevent malicious actions.Continue Reading

• Information security risk management: Understanding the components

  An enterprise has to know what risks it is facing. Expert Peter Sullivan explains why an information security risk management plan is crucial for cybersecurity readiness.Continue Reading

• Privileged user access: Managing and monitoring accounts

  Maintaining the security principle of least privilege can prevent abuse of privileged user accounts. Learn about the best practices for monitoring privileged access.Continue Reading

• Patching and updating applications: How much time should be spent?

  A survey found that half of its respondents perform application updates daily. Expert Michael Cobb explains how to allocate appropriate time on different security controls.Continue Reading

• Preventing privilege creep: How to keep access and roles aligned

  Privilege creep can result in the abuse of user access and security incidents. Expert Michael Cobb explains how enterprises can keep user roles and privileges aligned.Continue Reading

• New tactics for better endpoint security threat prevention

  Endpoint security threat prevention tools are crucial in your endpoint management strategy. This three-part technical guide will help you develop and advance your existing endpoint security management approach. It includes a chapter that outlines ...Continue Reading

• Preventing and responding to a healthcare ransomware infection

  The healthcare industry is a target for ransomware infections. Expert Ernie Hayden explains how organizations can take steps to prevent and respond to these attacks.Continue Reading

• Which are the best cybersecurity certifications for beginners?

  There are an overwhelming number of cybersecurity certifications available, so which one should people just beginning their career start with? Expert Mike O. Villegas answers.Continue Reading

• Is a cybersecurity expert necessary on a board of directors?

  Communicating cybersecurity issues to a board of directors can be challenging. Expert Mike O. Villegas discusses whether a cybersecurity expert on the board would ease the struggle.Continue Reading

• Ransomware attacks: Why healthcare data is at risk

  Ransomware attacks on healthcare data are on the rise. Expert Ernie Hayden explains why healthcare organizations are a target and the effects of these attacks.Continue Reading

• Why are cybersecurity KPIs important for enterprises to determine?

  Cybersecurity KPIs are important for enterprises to determine when setting up a security program. Expert Mike O. Villegas discusses why and what a KPI for security should be.Continue Reading

• How can an HTTPS session get hijacked with the Forbidden attack?

  An HTTPS session with a reused nonce is vulnerable to the Forbidden attack. Expert Nick Lewis explains how the attack works, and how to properly secure HTTPS-authenticated sites.Continue Reading

• How to use hashcat to address authentication vulnerabilities

  Authentication vulnerabilities are a constant problem, but testing tools like hashcat can make a significant difference. Expert Joe Granneman discusses hashcat and password cracking.Continue Reading

• Improve endpoint security protection with advanced tools and techniques

  Better endpoint security protection is possible with NAC, DLP and other tools and techniques. Learn how they fit together to improve enterprise endpoint protection.Continue Reading

• How to handle out-of-band management for network infrastructure

  Out-of-band management can be used for handling network infrastructure. Expert Judith Myerson explains the benefits of out-of-band management and how it can be implemented.Continue Reading

• Report: Lack of SSL traffic inspection poses threat to enterprises

  New research shows poor visibility into encrypted traffic increases the risk to enterprises as malicious actors take advantage of blind spotsContinue Reading

• Identity of things? IAM system to change as IoT invades the workplace

  Companies in certain industries -- manufacturing, healthcare and critical infrastructure -- are already dealing with securing the internet of things; others will have to start.Continue Reading

• How can privileged access accounts be managed in large companies?

  Network administrators typically resist policies for separate accounts when performing different tasks. Expert Michael Cobb explains the risk of privileged access.Continue Reading

• Major password breaches: How can enterprises manage user risk?

  With the large number of password breaches happening, enterprises should look into new methods of protecting their resources. Expert Nick Lewis explains how to reduce user risk.Continue Reading

• Preparing for new DDoS techniques: Mitigating the inevitable attack

  Attackers are using DDoS techniques that focus on IoT and IPv6. Learn how to build a response plan, select mitigation solutions and recover from an attack.Continue Reading

• Risk & Repeat: MobileIron's James Plouffe on Mr. Robot, mobile threats

  In this Risk & Repeat podcast, SearchSecurity talks with James Plouffe, lead solutions architect at MobileIron and a technical advisor for the television series 'Mr. Robot.'Continue Reading

• Trusted? Certificate authority risks and how to manage them

  Trusted certificate authorities are essential in today's business climate, but that doesn't mean they are easy to come by. Certificate authority risks are many, certainly, but this three-part technical guide is designed to make plain the challenges ...Continue Reading

• Network security alerts: Managing and overcoming obstacles

  Network security alerts are high in number and low in accuracy. Expert Kevin Beaver explains strategies security professionals can develop to overcome these obstacles to improving security.Continue Reading

• Insider security threats: What CISOs can do to mitigate them

  Dealing with insider security threats requires a combination of tactics. Expert Mike O. Villegas discusses the various aspects of insider threat mitigation strategies.Continue Reading

• How is Windows AppLocker whitelisting bypassed by Regsvr32?

  Windows AppLocker whitelisting was discovered to be exploitable with command-line tool Regsvr32. Expert Nick Lewis explains how organizations can mitigate possible attacks.Continue Reading

• When to take a bug bounty program public -- and how to do it

  Bug-finding programs are valuable to enterprises, but they require a lot of planning and effort to be effective. Sean Martin looks at what goes into taking a bug bounty program public.Continue Reading

• Improving Android device security for enterprises with Android N

  Android device security is getting a boost with its newest version, Android N. Expert Michael Cobb explains the effects on enterprise users, and the changes in encryption.Continue Reading

• Planning for an IPv6 attack: DDoS, neighbor discovery threats and more

  An IPv6 DDoS attacks are imminent, and your network security tools may not be configured for it. Expert Michael Cobb explains how enterprises can prepare its defenses.Continue Reading

• Are security people born with unique talents? We ask Kevin Johnson

  The founder and CEO of Secure Ideas tells Marcus Ranum about his inner journey, from systems administrator at a friend's startup to ethical hacker for hire.Continue Reading

• CISOs face cloud GRC challenges as services take off

  Governance, risk management and compliance goals are tested by the proliferating use of cloud services -- and it's even worse than IT organizations think.Continue Reading

• Cloud governance model still behind services

  A lot of the cloud adoption in organizations has happened in an organic fashion with little to no IT involvement and even less policy oversight. In most cases, the security, policy and cloud governance model you implement will be somewhat ...Continue Reading

• How to handle a problematic cybersecurity expert on your team

  Sometimes hiring a cybersecurity expert to help your security team isn't all it's cracked up to be. Expert Mike O. Villegas explains what CISOs should do when this happens.Continue Reading

• Risk & Repeat: Shadow Brokers' dump shakes IT industry

  In part two of Risk & Repeat's podcast on the Equation Group, SearchSecurity editors discuss the zero-day vulnerabilities discovered in the Shadow Brokers' data dump.Continue Reading

• How does the Android Trojan Triada infect a device's core processes?

  The Android Trojan Triada has the ability to replace a device's system functions with its own. Expert Michael Cobb explains how to mitigate the effects of this serious threat.Continue Reading

• What CISOs need to incorporate into cloud service-level agreements

  CISOs may be unfamiliar with cloud service-level agreements, but they're still a necessary part of enterprise security. Expert Mike O. Villegas has some tips to build cloud SLAs.Continue Reading

• What's the best way to organize the CISO reporting structure?

  The importance of the CISO reporting structure continues to grow as the importance of the CISO grows. Expert Mike O. Villegas discusses who the CISO should report to.Continue Reading

• SIEM analysis interfaces for security professionals

  SIEM systems aren't infallible, so it's essential to effective SIEM analysis that it has an interface that eases security professionals' assessment and interpretation tasks.Continue Reading

• Basic SIEM analytics steps to know

  Even basic SIEM analytics can get complicated. Learn three fundamental steps to take that will help you get the most out of your security information and event management tool.Continue Reading

• Cyberextortion: How should CISOs handle it?

  Organizations need to be aware of the threat of cyberextortion attacks and defend against them. Mike O. Villegas discusses the CISO's role in setting up the defense.Continue Reading

• What's New in IAM Security and Strategy

  Most of the pivotal changes in identity and access management, or IAM, were discussed and developed at least ten years ago. Deployment of advanced IAM security technology has been glacial in comparison to most other security technologies because of ...Continue Reading

• Putting IPv6 vulnerabilities under the microscope

  Examining IPv6 vulnerabilities prior to deployment is crucial for enterprises. Expert Judith Myerson explains the risks of older gear, unpatched IPv6 ND flaws and other issues.Continue Reading

• Resolve web security issues with advice from industry experts

  Web security issues begin at the web app development stage, but there are ways security pros and developers can collaborate to boost security without sacrificing app performance.Continue Reading

• Want to avoid data breach lawsuits? Get legal on your side

  The CISO's role as the protector of an organization's data intersects with responsibilities of corporate counsel. Here's how to keep the communications flowing in sticky situations.Continue Reading

• Why are both symmetric and asymmetric encryption used in OpenPGP?

  OpenPGP uses asymmetric encryption and symmetric encryption for different parts of its process. Expert Michael Cobb explains the purpose of hybrid encryption in message security.Continue Reading

• Becoming a Global Chief Security Executive Officer

  In this excerpt of Becoming a Global Chief Security Executive Officer: A How to Guide for Next Generation Security Leaders, author Roland Cloutier discusses the primary role of the chief security officer.Continue Reading

• How can a vendor risk assessment help enterprise security?

  Third-party vendors are necessary for organizations, but with them come more security risks. Expert Mike O. Villegas discusses how vendor risk assessments can help.Continue Reading

• What are the pros and cons of hiring an ex-hacker?

  Hiring an ex-hacker to join an enterprise security team is a risky move. Expert Mike O. Villegas discusses the potential benefits and drawbacks of this nontraditional hiring move.Continue Reading

• How to start building an enterprise application security program

  Building an effective application security program can be daunting. Sean Martin talks with experts about the best first steps enterprises should take.Continue Reading

• Are cyberwar games beneficial to test enterprise security?

  Traditional security testing is always recommended, but what about cyberwar games? Expert Mike O. Villegas discusses the best ways to test a security program.Continue Reading

• Government cybersecurity problems can teach enterprises what to do

  The U.S. government's cybersecurity problems are in the spotlight, so enterprises should learn from them. Expert Mike Chapple looks at the lessons organizations can learn.Continue Reading

• Internet of things challenges are many, but security tops the list

  Organizations that choose to tackle the long list of internet of things challenges know that security-related issues must be at the top of that list: A plunge into the world of smart, connected devices inevitably comes with a whole set of security ...Continue Reading

• How does the EMET 5.0 vulnerability allow attackers to turn it off?

  A vulnerability has been discovered in EMET 5.0 that can be used to turn EMET off. Expert Nick Lewis explains the flaw, and what enterprises can do to maintain security.Continue Reading

• How to mitigate bit flipping flaw caused by Rowhammer exploits

  A Rowhammer attack on DRAM can induce bit flipping, putting data security at risk. Expert Michael Cobb explains the flaw and what preventive actions enterprises can take.Continue Reading

• Are Amazon devices running on the latest Fire OS 5 secure?

  Amazon disabled native encryption capabilities in the latest Fire OS version. Expert Michael Cobb explains what this means for security, and if encryption can be reinstated.Continue Reading

• Information security culture: How enterprises can build and improve it

  Creating and fostering an information security culture isn't easy. Guest contributor Lance Hayden explains how to do it and how to identify signs of improvement.Continue Reading

• How tabletop exercises can help uncover hidden security risks

  A regular tabletop exercise could help to identify security risks in scenarios relevant to your organization. Expert Bob Wood explains the steps in the process.Continue Reading

• How can the AirDroid app phone hijacking be prevented?

  A vulnerability in the AirDroid device manager app left users at risk of phone hijacking. Expert Michael Cobb explains how the exploit works, and what can be done to prevent it.Continue Reading

• Can a tablet security policy help protect enterprise users?

  BYOD isn't a new trend, but tablet security policy is increasingly important as users choose them over laptops for work. Expert Mike O. Villegas discusses tablet security policies.Continue Reading

• CISO challenges: Addressing cybersecurity blind spots

  Every enterprise has cybersecurity blind spots that it fails to recognize and address. Sean Martin explains what they are and how they create more CISO challenges.Continue Reading

• How do chief data officers affect the role of the CISO?

  Chief data officers are becoming more common in enterprises, but how does the presence of this c-level affect the CISO's role? Expert Mike O. Villegas discusses.Continue Reading

• Recent SSL attacks: How to protect your organization

  SSL attacks such as Heartbleed, POODLE and Shellshock have placed countless enterprises at risk. Learn how these different attacks work, and how they can be prevented or mitigated.Continue Reading

• How does the Trochilus RAT evade detection and sandboxing?

  The new Trochilus RAT can avoid detection in cyberespionage attacks. Expert Nick Lewis explains how it works, and if enterprises need to adapt their security programs.Continue Reading

• What new Asacub Trojan features should enterprises watch out for?

  The Asacub Trojan has new banking malware features. Expert Nick Lewis explains how it made this transition and what enterprises should be watching out for.Continue Reading

• Android security policies all enterprises should adopt

  Securing Android devices in the enterprise can seem like an uphill task. Applying these Android security policies might reduce the struggle security professionals face.Continue Reading

• Cyberextortion reaches new heights with bug poaching

  In this Risk & Repeat podcast, SearchSecurity editors discuss how a cyberextortion campaign is targeting enterprises that don't have official bug bounty programs.Continue Reading