Securing a hybrid environment comes with inherent complexities - but there also are some misconceptions about security, says Tony Goulding of Centrify. He dispels the myths and sheds light on the new realities.
Oracle's Joshua Brooks understands why those charged with information security compliance can, at times, be overwhelmed when they must deal with frameworks associated with PCI, HIPAA, FedRAMP, ISO 270001 and NIST 800-53, to name a few.
Facebook says hundreds of bogus profiles and group pages likely linked to Russia bought $100,000 worth of politically themed and divisive ads aimed at U.S. voters. The finding affirms the belief of U.S. intelligence agencies that Russia waged a multipronged effort to disrupt the U.S. election.
Instagram is warning that more users were affected by a hack of its systems than it first suspected. While email addresses - and some phone numbers - for celebrities, including Emma Watson and Lady Gaga, appear to have been compromised, 6 million account holders in total may have been affected.
Password security guidance: Do block users from picking commonly used passwords. But to avoid a usability nightmare, don't block users from picking any password that's ever been seen in a data breach, security experts advise.
Yes, malware commonly targets the Windows operating system. But if you limit malware analysis to Windows OS, you're leaving gaping vulnerabilities, says Christopher Kruegel of Lastline Inc. Here's how to maximize your analysis.
What trait does a global cyberattack and a hurricane share? Both could cost insurers - and victims - dearly. In a new report, Lloyd's of London estimates that a major cloud services attack could trigger $53 billion in losses and cleanup costs.
Verizon has apologized to customers after a contractor failed to secure an Amazon Web Services S3 bucket, leading to the exposure of data relating to 6 million accounts. But it's unclear if Verizon plans to notify customers whose data and accounts might be at risk.
When asked, "What's your container strategy?" the majority of CISOs will respond by asking: "What's a container?" So says Tenable's Gavin Millard, who sees ongoing confusion about how containers can help organizations not only move to the cloud but stay secure, provided they're correctly managed.
Rapid patching and adoption of updated software has long been a "must do" security imperative. But as WannaCry demonstrated, many organizations have yet to master the patch-management challenge, says Jack Huffard, president and COO of Tenable.
A former Qualys customer for more than a decade, Mark Butler is now the company's CISO. And one of his jobs is to help spread the word to other security leaders about the vendor's vulnerability management solutions.
Tata Communication's Avinash Prasad clears up misconceptions about the emerging security-as-a-service model and describes the role it can play, especially at organizations growing through mergers and acquisitions.
Infosecurity Europe 2017 in London drew an estimated 18,000 attendees. Here are 13 visual highlights from the annual information security conference, ranging from tchotchkes and keynotes to 19th century architecture and live hacks of internet-connected devices.
On the eve of Europe's biggest annual cybersecurity conference, and scores of interviews with some of the world's leading information security experts, I'm asking how the London Bridge attacks will change the tenor of at least some of these discussions.