You can see it in the latest high-profile attacks: Security requirements are ever more complex, exceeding the capacity of current protection capabilities. Enterprises need a new strategy for defending entry points, and Tom Sego of BlastWave believes he has it.
SolarWinds has uncovered evidence that intruders were in its systems in January 2019, about eight months earlier than originally believed. CEO Sudhakar Ramakrishna says the company discovered the clues by analyzing terabytes of data from its virtual build systems.
Allen Phelps, CEO of the security firm Trust Farm, reviews some of the tactics, techniques and procedures used by foreign influence threat actors to target research organizations and shares some best practices to defend against those threats.
Investigators at industrial cybersecurity specialist Dragos say an employee of the water treatment plant in Oldsmar, Florida, where a cyberattack was thwarted, had visited an infected website the same day, but that apparently played no role in the security incident.
What more can be done to disrupt cybercrime operations and embolden even tough-to-reach jurisdictions to take action against suspects? Craig Jones, director of cybercrime at Interpol, describes recent disruptions - for example, of Joker's Stash - and takeaways for combating today's top online threats.
Securing the perimeter has given way to securing the application environment. And with this shift comes a new urgency to inject real-time security solutions in these dynamic new environments. Sameer Malhotra, CEO and co-founder of TrueFort, shares insights.
Troels Oerting, a veteran CISO who most recently served the World Economic Forum, has a storied career. He's been there, done that and mitigated the risk. In this exclusive conversation, he shares his opinions on today's threats, emerging technologies and challenges for the next generation of security leaders.
What do the world's leading encryption and security experts think about non-fungible tokens, supply chain attacks, coordinated vulnerability disclosure and the state of quantum computing? The cryptographers' panel at RSA Conference 2021 addressed all these issues.
A recent study showed that even though 82% of cybersecurity professionals are familiar with the MITRE ATT&CK framework, only 8% said they used it regularly. This led to development of the new MITRE ATT&CK Defender training and certification. Rick Gordon of MITRE Engenuity explains.
Security orchestration, automation and response technologies, or SOAR, give organizations the ability to manage an increasing number of alerts. But security experts say there's no worry that SOAR will replace people. In fact, SOAR could help with staff retention.
He is known for his regular reports for Reuters, as well as for his books, including the latest: "Cult of the Dead Cow: How the Original Hacking Supergroup Might Just Save the World." Joseph Menn opens up on the biggest stories of the year and the lessons that must be learned.
The past year has taught us much about resilience. But how do we update our tools and skills for the future? Vasu Jakkal, corporate vice president at Microsoft, discusses new, fundamental cybersecurity shifts and how our strategies for acquring skills and diversity must reflect them.
He's been a police officer, a Secret Service agent, a CIO and a CISO. And it all comes together. Don Cox, currently a chief technology evangelist at CIBR, discusses his career path and how his police background assists him in leading cybersecurity organizations.
Potential investors in the cybersecurity sector need a deep understanding of what the pinch points are for cybersecurity practitioners. Andy Ellis, a 20-year CSO at Akamai who is now an operating partner at YL Ventures, discusses what cybersecurity sectors are attracting investment - and why.