Leading the latest edition of the ISMG Security Report: Inside the darknet marketplaces that serve cybercrime-as-a-service buyers and sellers. Also, why the healthcare sector remains so bad at detecting data breaches and blocking ransomware.
The U.S. government's idea to take the reins of the development of 5G mobile networks has been met with cynicism and criticism. But there are goods reasons the government is worried: Standards haven't been set in stone yet, and 5G will present a bevy of new security challenges. Here are some of them.
The White House, fearing China is spying on phone calls, has suggested that the U.S. government take a primary role in marshaling the development of secure 5G networks. But would nationalizing 5G networks make them more secure?
Fresh research into mobile apps designed to control ICS systems from afar has unearthed unnerving findings. More than 20 percent of mobile ICS apps have issues that could allow an attacker to influence an industrial system.
Following the alert over Meltdown and Spectre vulnerabilities, the U.K. Information Commissioner's Office is warning that failures to patch today could be punished with fines under GDPR once enforcement of the data protection law begins later this year.
Fixes for the Meltdown and Spectre vulnerabilities are leading to decreased processor performance, triggering cloud service and data center slowdowns. All Windows servers - plus older PCs - as well as Linux servers appear to be experiencing noticeable slowdowns.
Some Indian organizations are not aware that their networks are being used for mining bitcoins, says Rakesh Goyal, managing director at Sysman Computers, a CERT-In empaneled audit firm, who offers insights on improving network security.
Microprocessor makers Intel, ARM and AMD, as well as operating system and software developers and makers of smartphones and other devices, are rushing to prep, test and ship fixes for the serious CPU flaws exploitable via Meltdown and Spectre attacks.
The exponential increase in encrypted internet of things traffic over the next few years will change security dynamics because most security solutions cannot process encrypted traffic, contends Sanjay Gangadharan of A10 Networks
Simulated attacks by an information security testing firm have found that fresh WannaCry, NotPetya and EternalRocks would still rip through many an enterprise network. Here's how organizations must respond.
To better address security issues, companies in the manufacturing industry need to ensure proper communications between their operational technology and information technology specialists, says RaviKiran Avvaru, head of IT at Toyota Kirloskar.
Most of the criminal activity targeting today's enterprises originates at the endpoint, and the majority of modern breaches use known threats or vulnerabilities for which a patch already exists. For this reason, endpoint visibility must be complete and continuous.
Artificial intelligence can help improve network health by building a "pattern of life" for every device, user and network, says Justin Fier of Darktrace, who explains how to improve network visibility.
Improving network security requires understanding your environment and controlling it before implementing network segmentation, says Nathaniel Gleicher of Illumio, who explains lessons that can be learned from the Secret Service's approach.