Security

News, trends and insights for cybersecurity in the digital age

Why predictable cyber security practices are less secure

bad-cyber-security-practices

Have you ever tried to catch a fish with your bare hands? I have, and it is nearly impossible. By the time your hands enter the water, the fish has already moved away. What makes this near instantaneous reaction possible is the fish’s escape response.  When a fish detects a predator approaching, it does a […]

Automating and orchestrating “SecOps” and integrating service management

orchestra-conductor

By Curtis Price, IDC Managing an enterprise’s security posture and mitigating risk continues to be a top of mind concern for corporate executives. Enterprises are not only spending more on technologies to prevent attacks, but also establishing procedures for quickly and effectively responding to a breach. However, as organizations develop holistic security strategies that span […]

Identity management is coming to the Internet of Things

IoT-and-security-as-gears

The security of IoT Devices matters. If we’re to actually live in a world where we reap the full potential from Internet-connected devices, those devices will need to be reasonably secured. Device makers will need to take the secure design and development of their gear seriously. Device owners, meanwhile, will have to take the effective […]

Staff and IT leadership at odds over data security

arguing-speech-bubbles

It’s no secret that employees and contractors are one of the primary causes of enterprise security events. It’s not that most insiders who cause data breaches are malicious. They’re not. They may carelessly send a cleartext email that contains sensitive information, reuse the same password across applications, or lose an unencrypted notebook or portable storage […]

Good news, bad news: A look at the Cyber Incident and Breach Trends Report

good-news-and-bad-news

The most recent Cyber Incident and Breach Trends Report from the Online Trust Alliance found that overall data breaches and exposed risks were down in 2018. That’s the good news. Unfortunately, the news didn’t stop there. According to the report, ransomware’s financial hit grew by 60% last year, losses from business email compromise attacks doubled. […]

Mobile security: There’s a bad app uprising

blacklisted-mobile-apps

In June, a report found a near 15% increase in blacklisted mobile apps that have been deemed dangerous by experts. This increase came after nine month of decline. The findings were part of an analysis by security firm RiskIQ, which analyzed more than two million new apps and more than 120 mobile app stores available […]

NIST proposes Secure Software Development Framework

cyber-security-framework

Ever since Bill Gates fired off his famous Trustworthy Computing memo in January 2002, developing secure software has been a hot topic of discussion. It was important before then, for sure, but it was often overlooked. It took a series of high-profile worms such as Code Red and Nimda and a series of breaches to […]

Emerging digital technology means emerging job opportunities for cyber security pros

cyber-security-pros

Every technology, from the wheel to artifical intelligence (AI), has introduced both opportunities and dangers. The wheel, for example, allowed humans to travel and to transport goods and equipment across distances. The wheel also allowed the Greeks to roll a giant Trojan horse into the city of Troy to launch a sneak attack with soldiers […]

Evite cualquier ataque, mientras avanza en su transformación digital

No importa en qué etapa está su organización en el viaje hacia la transformación digital. Tenga cuidado con los peligros que le acechan por el camino. Verá cómo otros compañeros de viaje han sufrido ataques una y otra vez, por la acción de cibercriminales que causan estragos con ransomware, ataques distribuidos de denegación de servicio, […]

What does Microsoft’s move mean for passwords?

password-on-laptop

The FIDO Alliance (Fast Identity Online Alliance) recently awarded Microsoft Hello, Microsoft’s Windows facial recognition system, FIDO2 certification. With this certification, Windows devices can use biometrics — such as facial recognition, fingerprint, or FIDO2 security keys — to authenticate to devices. While this news is Microsoft focused, it’s part of a broader push to depreciate […]