Application Security is much different than other security domains, so applying the standard methods does not necessarily address the unique challenges that AppSec can bring.
Network security is everywhere so naturally, we understand the need for securing the perimeter. However, application vulnerabilities, which...
RoboCent, a company that specializes in robocalling voters, left nearly 3,000 files containing detailed data about Virginia voters online by mistake. The data has been secured, but the incident points again to ongoing problems of security misconfigurations in repositories and lack of end-to-end encryption.
An advisory group that includes a diverse array of members will spend the coming months devising detailed guidance on how to address the "shared responsibility" of medical device cybersecurity, explains Greg Garcia, who is leading the initiative.
This white paper looks at how payment innovation is impacting fraud departments and the growing importance of removing friction to improve the customer experience. The mobile and online channels are the future; being able to authenticate returning customers and determine who new applicants really are will be essential...
Asked in a press conference if he would denounce Russia for interfering in U.S. elections, President Trump responded with a conspiracy theory about a missing DNC server. Some security experts say Trump's response was nonsense and flies in the face of good digital forensics and incident response practice.
Medical laboratory testing firm LabCorp is investigating a weekend cyberattack on its IT network, which resulted in the company taking certain processes offline. The attack is just the latest cyber assault on the healthcare sector.
Traditional server security controls were not built for ransomware, cryptojacking and other modern attacks. Paul Murray of Sophos discusses deep learning, anti-exploit technology and other key elements of the new wave of server defenses.
Look at information security through the lens of business risk, and you'll begin to make decisions about security in light of their impact on the business.
With security threats emerging faster than ever, what if your most important information is not protected? What strategic business advantage do you gain if it is...
Every day, as employees routinely use applications and share data, they leave behind an invisible "access footprint" - credentials and connections to other systems. These are the basic tools - keys - that advanced
attackers use once inside your network to move from their initial point of entry to their targets. The...
When should a technology or security leader get involved in M&A? The short answer: as early as possible. Security
really should play a prominent role before, during, and after the acquisition activity.
Download this eBook to learn more about:
High-profile incidents of cyber disruption during M&A;
As the Department of Health and Human Services explores how to spur innovation and investment in the healthcare sector, cybersecurity is among top issues that need to be addressed, some industry organizations stress.
In the run-up to the U.S. mid-term election, CrowdStrike is seeing suspicious threat activity, and the firm's James Yeager has advice both for the public and private sectors on how to ensure enhanced election security.
A recent analyst report stated 80% of respondents confirmed the use of Web Application Firewalls (WAFs) to protect public-facing websites and applications, but most have remained concerned their WAFs may not be covering all of their security requirements. Your basic WAFs could be risking your data to theft and...
A coding mistake by an electronic health records vendor has resulted in a data breach impacting thousands of United Kingdom patients. But the incident also serves as a reminder to healthcare entities in the U.S. and elsewhere about the variety of data privacy and security risks vendors can pose.