For too long, code writers have been measured on the features built into their applications - not the potential security vulnerabilities. It's time to change that perspective, says Maty Siman of Checkmarx.
Individuals resort to lying about themselves to protect their identities when accessing systems in today's imperfect cyber world, says Peter Tapling, president of Authentify, an out-of-band authentication service.
One of the biggest misunderstandings about the Heartbleed bug in the healthcare sector is that it only affects websites and Web servers. In fact, medical devices are also at risk for the vulnerability, says security expert Mike Ahmadi.
Microsoft has issued a fix for the Internet Explorer bug, including an update for Windows XP users. The update repairs a vulnerability in the browser that could allow hackers to gain control of a user's computer.
A breach involving the posting of information about 15,000 Boston Medical Center patients on a transcription firm's unsecured website serves as a reminder of the importance of monitoring the security practices of business associates.
DDoS attacks have grown in sophistication. But so have organizations' dependencies on the services disrupted by DDoS, says Corero's Ashley Stephenson. How should security leaders respond to protect their critical services?
When it comes to DDoS attacks, the hacktivists get all the headlines, but there is a robust service industry behind the scenes, supporting these sophisticated strikes, says Darren Anstee of Arbor Networks.
Organizations across all industry sectors understand the importance of information security. But turning security awareness into meaningful action - that's the challenge that many midsized entities face, says Sophos' Nick Bray.