The best way to take a holistic approach to the current threat landscape is to define security issues as business problems and then put the problem before the solution - not the other way around, contends RSA CTO Zulfikar Ramzan.
Malware detection needs to shift to detecting anomalous behavior, rather than depending on signature-based detection technologies to deal with such threats as sandbox-evading malware, says Verizon's Ashish Thapar.
Threat analytics involves understanding where threats to key data assets exist and planning your mitigation strategy around that, says Skybox's Gerry Sillars.
Discover Scenarios and Solutions for Privileged Password Management
The use of stolen credentials ranked as the number one action variety in data breaches in 2017 (source: 2018 Verizon Data Breach Investigations Report), and organizations continue to make it easy for attackers.
For instance, many IT...
The STIX and TAXII standards for threat intel interchange have undergone a major upgrade to v2.0. LookingGlass CTO Allan Thomson, who's been closely involved in its development, describes the role of these enhanced standards.
A number of innovative applications of blockchain technology for security are emerging, but Laurence Pitt of Juniper Networks warns that not all data is suitable for storage in a blockchain.
Achieving built-in, rather than bolted-on security at the DevOps stage through transparent orchestration is the new mantra for building resilient systems and software, says Sumedh Thakar of Qualys.
Artificial intelligence has the potential to filter out much of the noise that can bog down teams trying to triage security alerts, says Bryce Boland, former CTO for FireEye in Asia-Pacific.
Artificial intelligence and machine learning will have a significant impact on lowering the cost of securing an organization because it will reduce the need for advanced skillsets, predicts Rapid7's Richard Moseley.
An analysis of the privacy issues Amazon will face as it dives deeper into the healthcare business leads the latest edition of the ISMG Security Report. Also featured: A preview of ISMG's Security Summit in New York Aug. 14-15.
Check Point says it has found three ways to falsify messages in WhatsApp, which it claims could be employed by scammers and used to spread fake news. WhatsApp acknowledges the findings, but it will not engineer patches.
Although there's widespread agreement that addressing security early in the software development cycle is an essential component to any breach prevention strategy, implementing DevSecOps can prove challenging.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.co.uk, you agree to our use of cookies.
