See the startling results of meticulous analysis of hundreds of real-life insider attacks from the team at Carnegie Mellon University, where the CERT (Computer Emergency Response Team) function was created. The analysis results clearly indicate that, contrary to the majority of headlines, stealthy insiders pose a huge...
As the U.S. embarks upon its migration to EMV, fraudsters will begin testing other vulnerabilities and channels to exploit. As EMV alone does not protect all transaction-related data from exposure during a breach, we need to take a look at a broad range of complementary technologies, such as tokenization, encryption...
Coming off of 2014, the proverbial "year of the breach," 2015 has not been a year into which fraud analysts and cybersecurity officers entered blindly. A number of the trends we saw emerge in 2014 will influence not only the future attacks we see waged by hackers, but also the mitigation techniques and strategies...
Trying to consume threat data remains a difficult and highly manual process, says Solutionary's Joseph Blankenship. But better machine learning and artificial intelligence could make the task easier for enterprises.
In today's cloud-based and mobile-security world, data and applications regularly operate both inside and outside any supposed "traditional" network perimeter, and that makes them tough to secure, say F5 Networks' Preston Hogue and Greg Maudsley.
Why not tap a community of bug hunters to find vulnerabilities in your products? That's the pitch behind Bugcrowd, which enables thousands of bug hunters to earn prestige - and cash - for finding and reporting new vulnerabilities.
How can businesses ensure that the content coming into an application is executed safely, and that the application itself isn't under attack? That's the problem being addressed by Prevoty, says CEO Julien Bellanger.
Securing the enterprise means securing the endpoint, not the network, says Bit9's Harry Sverdlove. Learn why the expanding perimeter is a source of concern.
There's a big difference between threat data and threat intelligence, says Kevin Epstein of threat intelligence firm Proofpoint. Data alone is not enough to predict emerging threats, he says.
BitSight Technologies conducted research on breached organizations and how they were impacted by botnets. The results are eye-opening, says CTO Stephen Boyer, offering insights from this study.
As organizations increasingly focus on securing critical data, they mustn't overlook one huge vulnerability: enterprise email. Steven Malone of Mimecast discusses the latest in unified email management.
To mitigate the threat posed by malicious insiders or attackers who compromise real users' credentials, businesses must create and monitor a baseline of legitimate user behavior and activities, says Idan Tendler, CEO of Fortscale.
To deliver effective information sharing and threat intelligence, the security industry must settle on a single set of threat-sharing standards, says David Duncan of the Internet security firm Webroot.
Malware researchers can track important technical details about attacks, but shutting down cybercrime networks requires law enforcement agencies to take the next step, says Alexander Erofeev of Kaspersky Lab.
Rogue applications designed to impersonate a company's corporate brand are increasingly prevalent, offering attackers an easy way to fool online users into downloading malicious apps aimed at compromising credentials, says Arian Evans of the online security firm RiskIQ.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.