Senator Asks DoD to Secure Its Websites
Senator Ron Wyden (D-Ore.) on Tuesday asked the chief information officer at the U.S. Department of Defense (DoD) to take immediate action to ensure that the organization’s websites use HTTPS. The senator noted that some of the DoD’s websites, such as the ones belonging to the NSA, the Army, and the Air Force, do use…
6 Steps for Applying Data Science to Security
Security practitioners are being told that they have to get smarter about how they use data. The problem is that many data scientists are lost in their world of math and algorithms and don’t always explain the value they bring from a business perspective. Dr. Kenneth Sanford, analytics architect and sales engineering lead at Dataiku,…
Where Are You Placing Your Endpoint Security Bets?
Defense-in-depth is a common security strategy that often includes a combination of endpoint security products, including next generation anti-virus (NGAV), traditional anti-virus (AV) and/or endpoint detection and response (EDR). But as attacks and breaches continue to surge, I can’t help but wonder: are these technologies missing the point? The CyberArk Endpoint Privilege Manager and products…
Secure Element — securing contactless payments in smartphones
Modern smartphones have successfully combined the functionality of a phone, camera, music player, public transit pass, and even a wallet for many years now. Naturally, this makes you wonder about the security of the data they store. Let’s figure out how well smartphones protect users’ most valuable information and how their main security mechanism — a…
Compliance is Not Synonymous With Security
While the upcoming GDPR compliance deadline will mark an unprecedented milestone in security, it should also serve as a crucial reminder that compliance does not equal security. Along with the clear benefits to be gained from upholding the standards enforced by GDPR, PCI DSS, HIPAA, and other regulatory bodies often comes a shift toward a…
Google to Delete ‘Secure’ Label from HTTPS Sites
Google plans to remove the “secure” label from HTTPS websites starting in September 2018, a move intended to acknowledge HTTPS as the standard for browser security. Users should expect all the sites they visit to be secured with HTTPS, the company reported last week. Earlier this year, Google announced plans to mark all HTTP sites as “not…
Keys to Crafting a Winning Mobile Security: Customers Weigh In
Experience is a valuable teacher, especially when you’re able to learn lessons from others who have taken similar journeys. That’s why we recently polled some of our most successful mobile security customers. They had valuable stories to share about the process they underwent evaluating and implementing mobile security solutions. We wanted to know the backstory:…
25% of companies affected by cloud cryptojacking
Cryptojacking has unquestionably gone mainstream. Despite heavy media and industry attention, organizations are struggling to meet compliance requirements in public cloud environments, according to RedLock. On the flip side, there’s evidence that companies are becoming more aware of cloud account compromises and implementing best practices to prevent attacks, but there’s still no shortage of new attack…
Can AI help bridge the IT security skills gap?
Host Steve Ragan reports from the show floor at RSA 2018, taking with Oliver Tavakoli, CTO at Vectra Networks, and author of the Thinking Security blog on CSOonline.com, about the types of IT security work that can be off-loaded to artificial intelligence systems.
EU Data Protection May Trigger Global Ripple Effect
The EU’s new data protection rules that enter into force later this month are having an impact around the world as firms, including in the United States and China, move to comply. While all firms globally are required to comply with the provisions of the General Data Protection Regulation (GDPR) when it comes to the data of…