Latest

Fraud Management & Cybercrime

The Need for a 'Collective Defense'

Ishita Chigilli Palli  •  February 27, 2020

Among the top issues being discussed at the RSA 2020 conference this week is the need for more cybersecurity collaboration between government agencies and the private sector. Here are some interview highlights.

Governance

How Machine Learning Can Strengthen Insider Threat Detection

Akshaya Asokan  •  February 27, 2020

As companies continue to grapple with the challenges of insider threats, machine learning coupled with behavioral analytics can assist in predicting and detecting potential threats from employees and contractors, according to a panel of security experts at RSA 2020.

Governance

Israeli Marketing Company Exposes Contacts Database

Jeremy Kirk  •  February 27, 2020

An Israeli marketing company left the authentication credentials for a database online, exposing more than 140 GB worth of names, email addresses and phone numbers. The exposure was found by a U.S.-based security specialist who became frustrated after receiving unwanted marketing messages over SMS.

►

Cloud Security

Why The Cloud Is The New Network

Nick Holland  •  February 27, 2020

Barracuda Networks has released the findings of its latest survey on public cloud security. Fleming Shi, the company's chief technology officer, describes what is holding organizations back from fully embracing the public cloud.

Biometrics

Sizing Up the Roles of Behavioral Analytics, 'Zero Trust'

Ishita Chigilli Palli  •  February 26, 2020

Improvements in behavioral biometrics and analytics are changing the way many financial services firms approach authentication. And more companies also are taking a "zero trust" approach to improve identity and access management, according to two security experts interviewed at RSA 2020.

►

Analytics

The Ongoing Search for Indicators of Behavior

Tom Field  •  February 26, 2020

Indicators of compromise are important. But what if you could also detect patterns of behavior that tip you off before a crime? This is where Cybereason's Sam Curry is trying to shift the focus.

►

Security Operations

Mitigating Threats to Operational Technology

Tom Field  •  February 26, 2020

Digital convergence is driving a shift in the security landscape for operational technology. Fortinet's Jonathan Nguyen-Duy discusses the manifestations of this shift and how to address them.

►

Governance

Security and Privacy: Often Aligned, But Sometimes Not

Mathew J. Schwartz  •  February 26, 2020

Not so long ago, many were confused about how security and privacy differ, but that has been rapidly changing, thanks to regulations such as the European Union's General Data Protection Regulation and California's Consumer Privacy Act, says attorney James Shreve, a partner at Thompson Coburn LLP.

►

Training & Security Leadership

Reducing Security Complexity a Top Challenge for CISOs

Mathew J. Schwartz  •  February 26, 2020

Reducing security complexity remains one of the toughest challenges facing CISOs, driven by the non-stop increase in threats, says Jeff Reed of Cisco. Creating a sustainable solution will require advances in vendor interoperability, as well as automation and visibility, he says.

►

Business Continuity Management / Disaster Recovery

The Role of 'Zero Trust' in Pandemic Threat Management

Nick Holland  •  February 26, 2020

The threat of the coronavirus outbreak emphasizes how remote access to workplaces is critical in business continuity. Stan Lowe of Zscaler discusses "zero trust" in the context of pandemics.

►

Cybercrime as-a-service

Ransomware Attacks Growing More Targeted and Professional

Mathew J. Schwartz  •  February 26, 2020

Ransomware-wielding attackers - aided by a service economy that gives them access to more advanced attack tools - are increasingly targeting organizations rather than individuals to shake them down for bigger ransom payoffs, says McAfee's John Fokker.

►

Cloud Security

Cloud Protection: How to Secure Server Environments

Mathew J. Schwartz  •  February 26, 2020

Development teams are increasingly building and deploying for the cloud, but DevOps practices too often fail to account for what happens after applications go from development into production and maintenance - and the ongoing security challenges they will face, says Jake King, CEO, of Cmd.