Information security programs continue to rely not just on security policies, but also the controls that ensure they get enforced. Unfortunately, such controls begin degrading the moment they're put in place, sometimes rapidly, says Josh Mayfield, director of security strategy at Absolute Software.
Every security leader wants visibility into the potential attack surface. But that surface is changing in vast new ways, owing to the cloud and connected devices. Mario Vuksan of ReversingLabs defines what visibility truly means today.
In a keynote address at the RSA Conference 2019, RSA President Rohit Ghai encouraged attendees to work in the coming years to "implement a security program with machines and humans working together. Humans asking questions; machines hunting answers."
As companies push more data to the cloud, large enterprises such as MGM Resorts International are balancing what it takes to complete their digital transformation journey and securing data that is rapidly moving off premises.
Facebook is edging closer to launching its own cryptocurrency, with a rollout expected this year, The New York Times reports. But some critics argue that the project seems more like a trendy and unnecessary redressing of a PayPal-like system with a blockchain.
Just days after Drupal warned of a "highly critical" flaw in its web services modules, hackers came calling, exploiting the content management system vulnerability to install cryptocurrency miners and other malicious software on sites, security experts warn.
Every threat hunt starts with intelligence. As one of the industry's most comprehensive knowledge bases for adversary behavior, ATT&CK provides a structure for hunters to build their hypotheses and search for threats.
Facebook's effort to stem the flow of fake news globally has been ineffective, allege some fact checkers who have collaborated with the social media giant to identify and debunk false stories. Is the social media giant merely conducting a public relations exercise?
Technology organizations say Australia's anti-encryption law passed in December 2018 is already undermining trust in their local operations. The comments come as a Senate committee is reviewing the law - passed in a hurry in December - to consider whether to amend it.