Latest

►

Next-Generation Technologies & Secure Development

Inside Netscout's Threat Report

Tom Field  •  March 25, 2019

Netscout is out with its latest threat report, and the research offers some startling new insights into DDoS, advanced threats and the commercialization of cybercrime. Hardik Modi offers analysis.

►

Cybersecurity

API-Centric Automated Attacks on the Rise

Varun Haran  •  March 25, 2019

CloudEntity CEO Nathaniel Coffing shares insight on building foundational API security in a zero-trust world.

►

Cybersecurity

CrowdStrike's 2019 Global Threat Report

Tom Field  •  March 25, 2019

CrowdStrike is out with its 2019 Global Threat Report, which includes a ranking of the most dangerous nation-state adversaries. The company's CTO, Dmitri Alperovitch, discusses the report's key findings about threats and threat actors.

►

DevSecOps

Why Security for DevOps Is Lagging

Mathew J. Schwartz  •  March 25, 2019

Many large organizations are app developers, and individuals are increasingly using apps to access computing resources. But the age-old problem of code not being reviewed for flaws at every stage of testing and production continues, warns Joseph Feiman of WhiteHat Security.

Cybercrime

LockerGoga Ransomware Suspected in Two More Attacks

Scott Ferguson  •  March 25, 2019

A pair of U.S. chemical manufacturing companies have reportedly been struck by the LockerGoga ransomware over the past month and continue to recover from the same cyberattack that took down part of Aluminum giant Norsk Hydro last week.

►

Cybersecurity

Enterprise Security in the Era of Digital Transformation

Nick Holland  •  March 25, 2019

Digital transformation is having a significant impact on enterprise security. Zscaler's Stan Lowe describes the evolving role of the CISO in the age of cloud and connectivity.

►

Cybersecurity

Technology's Role in Digital Risk Management

Tom Field  •  March 25, 2019

As enterprises embrace strategies built around digital risk management, it isn't that technology becomes a less important conversation. Instead, it's more strategic. Zulfikar Ramzan, CTO of RSA, outline's technology's role in the business path forward.

►

Cybersecurity

AT&T Cybersecurity Sets Sights on Threat Intelligence

Tom Field  •  March 25, 2019

AT&T has just re-branded its AlienVault acquisition as AT&T Cybersecurity. Javvad Malik, security advocate for the firm, explains its place in the global market and how it will impact delivery of threat intelligence.

►

Cybersecurity

The Dark Side of Cybersecurity: Burnout

Mathew J. Schwartz  •  March 25, 2019

Call to action: Information security teams should "include mental health topics in their team meetings, their management reports and metrics, as well as face to face meetings," says to Thom Langford, head of security consultancy (TL)2, speaking from experience.

►

Authentication

Gaining Visibility and Control Over Passwords

Nick Holland  •  March 25, 2019

Passwords are still a persistent security threat, given their ubiquity as a form of authentication and the inability of users to create strong, unique passwords. John Bennet of LogMeIn discusses the issue and solutions.

►

Cybersecurity

Threat Watch: Phishing, Social Engineering Continue

Mathew J. Schwartz  •  March 25, 2019

Reviewing 2018 attacks, Jon Clay of Trend Micro, says social engineering persists, including phishing attacks, while criminals also continue to steal credentials, lob ransomware at targets and push cryptomining malware.

►

Application Security

Application Security and the Focus on Software Integrity

Tom Field  •  March 25, 2019

As trends such as DevSecOps and agile application development spread, enterprises increasingly are focused on software integrity. Andreas Kuehlmann of Synopsys discusses how to address this shift.