In 2017, 15,038 new CVEs were published, up from 9,837 in 2016. Last year, 16,500 new CVEs were disclosed. With vulnerabilities growing year after year, patching every potential threat to your business is a futile exercise. The need to prioritize is clear, but where to start, especially when CVSS categorizes the...
Communication of cyber risks to executives using enterprise risk methodologies is imperative for improving incident prevention, according to Randy Trzeciak and Brett Tucker of Carnegie Mellon University, who offer tips.
Given the unsustainability of the status quo, it's a question worth considering.
Technology constantly advances. Businesses now leverage the cloud, mobility, AI, IoT, and blockchain in ways that were once unthinkable. So no one can credibly claim that the same technologies they used to empower their business a few...
Malicious and accidental insiders alike have drawn renewed attention to the insider threat. Patrick Knight of Veriato offers new insight on the scale of the problem and how to tackle it.
A former U.S. Air Force counterintelligence agent was indicted for disclosing classified information and helping Iran compromise the computers of other U.S. intelligence agents. The case marks another damaging leak for the American government.
Email is still the #1 attack vector the bad guys use. A whopping 91% of cyberattacks start with a phishing email, but email hacking is much more than phishing and launching malware!
Join Roger A. Grimes, KnowBe4's Data-Driven Defense Evangelist and security expert with over 30 years of experience, for this webinar...
In 2018, the Identity Theft Resource Center counted 1,244 U.S. data breaches - involving the likes of Facebook, Marriott and Exactis - that exposed 447 million sensitive records, such as Social Security numbers, medical diagnoses and payment card data.
The U.S. Securities and Exchange Commission has charged seven individuals and two organizations with being part of an international scheme that hacked the SEC's EDGAR document system, stole nonpublic corporate information and used it to illegally earn $4.1 million via insider trading.
Despite increased use of two-factor authentication and biometrics, passwords are still the most common form of authentication. However, when most breaches are caused by weak, stolen, or reused passwords, it's clear passwords pose significant risks that can't be ignored.
From potential security breaches to increased...
Corporate espionage. The internet of threats. Today's risks are nothing short of scary. And with new challenges popping up nearly every day, infosec professionals are under even greater pressure to identify their own vulnerabilities, before hackers do it for them.
So what can you do to keep your organization...
As a general rule, negligent incidents are far more common than malicious ones. Negligent insiders are employees who unintentionally jeopardize security, often through well-intentioned ignorance, laziness, or simple human error.
While many security teams make the mistake of focusing exclusively on would-be malicious...
Israel-based Yehuda Lindell, a cryptography professor, describes how to use secure multiparty computation technology to protect cryptographic keys and describes other potential security applications.
A failure to patch systems and slipups that lead to insider threats are two major causes of breaches in the healthcare sector that need to be urgently addressed, says Anahi Santiago of Christiana Care Health System.
When it comes to fraud prevention, many organizations overlook the insider threat - both the malicious actor who intends to commit fraud, as well as the accidental insider who makes a mistake or is taken advantage of by an external entity. This topic is particularly relevant now, when many public and private sector...