Australia's Parliament has passed new laws enabling it to compel technology companies to break their own encryption. Although the government argued the laws are needed to combat criminal activity and terrorism, opponents argued the powers could creep beyond their scope and weaken the security of all software.
Multifactor authentication and privilege-based controls are among the forms of identity and access management that can help security leaders address key vulnerabilities in their organizations, says Charanjit Singh Sodhi of Normura Wholesale, who offers advice.
A severe vulnerability in Kubernetes, the popular open-source software for managing Linux applications deployed within containers, could allow an attacker to remotely steal data or crash production applications. Microsoft and Red Hat have issued guidance and patches; they recommend immediate updating.
Next to corporate communications that claim that "your security is important to us," any website post titled "security update" portends bad news. So too for question-and-answer site Quora, which says a hack exposed 100 million users' personal details, including hashed passwords and private content.
The Black Hat Europe information security conference returns to London, featuring 40 research-rich sessions covering diverse topics, including politically motivated cyberattacks, recovering passwords from keyboards thanks to thermal emanations, hacking Microsoft Edge and detecting "deep fakes."
Effective threat detection and containment at the organizational level now requires continuously monitoring activity across all deployed SaaS applications (e.g. Office 365, G Suite, Salesforce, etc.), all on-premises network infrastructure, endpoints and more. In today's rapidly evolving threat landscape, businesses...
For small to midsize enterprises (SMEs), the cloud is their ticket to digital transformation, giving them added flexibility and the ability to conduct business from anywhere at any time. However, cloud adoption comes in many types (private, public, hybrid) and forms (IaaS, PaaS, SaaS), each with its own cybersecurity...
SOC-as-a-service has rapidly become the preferred approach to detect and respond to advanced threats that bypass your existing controls. This white paper explains why, and underscores the differences between SOC-as-a-service, MDR, MSSP and SIEM.
Download the white paper and learn why:
Cloud-based security services...
How do you ensure that the cloud technologies enabling your business aren't also introducing security risks, impacting customer experience (CX), or accumulating more expenses than anticipated?
Download this eBook and learn how to:
Extend and enable your cloud infrastructure to protect your business from...
Marriott's mega-breach underscores the challenges companies face in securing systems that come from acquisitions as well as simply storing too much consumer data for too long, computer security experts say. Meanwhile, the hotel giant has yet to answer many pressing data breach questions.
Tabletop exercises are a critical way to make sure an organization's incident response plan is effective and everyone knows their roles, says Ronald Raether of the law firm Troutman Sanders.
Mobile and web site customers have two core expectations:
They want interactions to be fast, effortless, personalized, and engaging
They want their data and transactions to be secure and their privacy protected
Akamai engaged Forrester Consulting to survey over 350 technology executives around the world and...
Establishing trust through differentiated and secure digital experiences is key to competing in today's marketplace. Research led by Akamai Technologies and Forrester Consulting revealed that the world's leading businesses maximize value for their customers and brands by driving digital innovation.
Download this...
The Marriott hotel chain has announced its Starwood guest reservation database has been hacked, potentially exposing up to 500 million accounts. The unauthorized access to the database started in 2014, the company says.
Another day, another "Have I Been Pwned" alert, this time involving 44.3 million individuals' personal details found in unsecured instances of Elasticsearch, which appear to have been left online by Data & Leads, a Toronto-based data aggregation firm.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.co.uk, you agree to our use of cookies.
