Security
-
Q&AAfter a 3-day cyberattack simulation, 'it's like crickets' for executives to discuss flaws, vulnerabilities
The city conducted the Jack Voltaic 2.0 exercise to answer a simple question: "If all sectors are under a coordinated cyberattack, would we be aware and able to handle it from within?"
By Katie Pyzyk • Aug. 17, 2018
-
Cisco evolving its product portfolio and the 'strategy is working,' CEO says
The company has embraced overhauling its product portfolio, revamping offerings for a more security-conscious world.
By Naomi Eide • Aug. 16, 2018
-
Small business cybersecurity act becomes law, but is it enough?
The amendment requires NIST to provide cybersecurity resources for small businesses, but incentivizing small businesses to take a more active role and utilize them may prove a challenge.
By Alex Hickey • Aug. 16, 2018
-
Juggling high-profile problems, Uber hires security officer
Matt Olsen joins the ride sharing company after Uber's former chief security officer was fired in the wake of the company's breach revelations last fall.
By Alex Hickey • Aug. 15, 2018
-
Intel chip saga continues: 'Foreshadow' vulnerabilities disclosed
Dubbed 'Foreshadow,' the three flaws could be particularly devastating because they also allow malicious actors to access information in other virtual machines on the same cloud infrastructure.
By Alex Hickey • Aug. 15, 2018
-
Privacy quandary: Companies track users' 'behavioral biometrics' in the name of security
Organizations that use behavioral biometrics to monitor customers carry a risk and have to ensure the data they're surveilling is not personal information.
By Samantha Ann Schwartz • Aug. 15, 2018
-
Attack of the office relic: Researchers find exploitable flaws in fax machines, printers
While unplugging a printer or fax machine from its power supply can stop an intrusion, it's not a fix that many companies opt for.
By Samantha Ann Schwartz • Aug. 13, 2018
-
Why product testing companies are finally upping scrutiny on security
Third parties are working to improve product security, one review at a time.
By Alex Hickey • Aug. 09, 2018
-
To make systems safer, put more bugs in them
New York University security researchers found chaff bugs can be designed as "non-exploitable" when conditions are constrained and controlled.
By Samantha Ann Schwartz • Aug. 08, 2018
-
Can industry overcome political differences to work with Trump admin on cybersecurity?
Vice President Mike Pence and DHS Secretary Kirstjen Nielsen renewed calls for public-private cybersecurity partnerships through government institutions.
By Alex Hickey • Aug. 07, 2018
-
Breaches set to taper off in 2018, but deep rooted vulnerabilities remain
What impact are the 300,000 open security jobs having on the number of data breaches occurring at companies?
By Samantha Ann Schwartz • Aug. 07, 2018
-
Can Symantec get past its legacy brand image?
The company has to battle perceptions of being a legacy brand out of place in the modern market, so fixing its brand may be more of a sales and marketing issue than a technology one.
By Alex Hickey • Aug. 06, 2018
-
With $2.35B Duo Security purchase, Cisco stakes claim on end-to-end network access
It's a new security era for Cisco, which is traditionally rooted in networking technology.
By Naomi Eide • Aug. 03, 2018
-
Private sector pay and opportunity pose big threat to federal talent retention
Federal agencies can effectively choose to ignore policies because they are outdated or don't make sense for the current framework.
By Samantha Ann Schwartz • Aug. 03, 2018
-
HP, Bugcrowd to pay researchers to get printers out of a jam
Through the bug bounty program, the companies want their invite-only security researchers to hone in on vulnerabilities on the firmware level.
By Samantha Ann Schwartz • Aug. 02, 2018
-
Cyberattacks targeting the software supply chain nearly double
As more data are managed on the cloud, supply chain managers must understand the vulnerabilities of both emerging and legacy technology.
By Gary Wollenhaupt • Aug. 02, 2018
-
DHS walks back utility cyber warnings as Southern CEO says no grid emergency
Hackers cannot cause widespread power outages at this time, DHS said, tempering statements the agency made last week warning that cyber criminals could "throw switches" on the grid.
By Gavin Bade • Aug. 01, 2018
-
US retailers lead world in data breaches
Despite big spending by U.S. retailers, data breaches continue to grow, according to a study, with half reporting a breach in the last year.
By Dan Alaimo • July 31, 2018
-
OpinionReal risks of using file transfer protocol
The newest technology for B2B data exchange is managed file transfer protocol, an industry best secure communications framework.
By Chandra Shekhar
-
Houston runs 3-day cyberattack stress test
The Jack Voltaic 2.0 Cyber Research Project will simulate a concurrent cyberattack and a natural disaster, testing how the incidents affect responses, collaboration and communications.
By Jason Plautz • July 27, 2018
-
Malicious actors seeking exploits in SAP and Oracle ERP applications on the rise, US warns
Over the last three years, public exploitations of SAP and Oracle ERP apps have increased by 100%, according to new research.
By Samantha Ann Schwartz • July 26, 2018
-
Deep DiveHow vulnerable is the grid to cyberattacks, really?
Experts say a recent DHS briefing that warned hackers could cause widespread blackouts may have overstated the threat.
By Gavin Bade • July 25, 2018
-
How does Google prevent phishing attacks on its 85K employees? It gives workers a key
Changing credentials and introducing physical access — whether through a key or GPS location — is part of an emerging shift in identity and access management.
By Naomi Eide • July 24, 2018
-
America's in a cyberwar and 'I am not convinced we're winning,' former House intel chair says
There's a machine learning arms race taking place between system defenders and hackers, and the advantage boils down to who has the most training data.
By Alex Hickey • July 23, 2018
-
OpinionSecurity: The job sucks
But with the right steps, this job doesn't have to suck. Keep the lines of communication open, find signals and anomalies that matter and advocate for security experts everywhere.
By Rich Reybok