“Smart city” governments should also be smart about security
While the definition of “smart city” is still under debate, one thing is indisputable: the technologies used to make smart cities a reality are currently acquired and deployed after very little (or even no) security testing. Cesar Cerrudo, CTO at IOActive and board member of the Securing Smart Cities initiative, says that city governments –…
Unmask cybercriminals through identity attribution
Organized crime has grown more complex since the turn of the century—coinciding with the rise of the digital world, cybercriminals have leveraged the proliferation of technology to broaden their reach with a more sophisticated network-structured model, effectively globalizing their operations in cyberspace and ultimately allowing cybercriminals to devastate companies and consumers alike. The faster you…
Cloud-native applications need a unified continuous security approach
Cloud-native has arrived and now, it’s taking over. By 2021, 92% of companies will go cloud-native. It’s faster, it’s more efficient, more scalable, and more flexible. But is it more secure? As businesses integrate cloud-native technologies, such as Kubernetes, across their clouds, the complexity and distributed nature of these platforms increasingly require companies to rethink…
Managing and monitoring privileged access to cloud ecosystems
Cloud data breaches are on the rise, demonstrating time and again the need for a different approach and strategy when it comes to managing and monitoring privileged access to cloud ecosystems. Privilege access management (PAM) should: Be risk-aware and intelligent Reduce sprawl of infrastructure, accounts, access and credentials Use continuous identity analytics.
How long before quantum computers break encryption?
The verdict is in: quantum computing poses an existential threat to asymmetric cryptography algorithms like RSA and ECC that underpin practically all current Internet security. This comes straight from the National Academy of Science’s Committee on Technical Assessment of the Feasibility and Implications of Quantum Computing. The inevitable follow-up: OK, so how much time do…
Cybersecurity automation? Yes, wherever possible
There was a time when companies were hesitant about their IT and security teams using automation to discharge some of their duties. “I think much of that was due to the feeling that if a task was automated and something went wrong, IT was not in control and did not have as much visibility,” Candace…
Security is slowly becoming essential to doing business
A veteran of the information security industry, Greg Jensen has spent the last six years at Oracle as the Senior Director of Oracle’s Cloud Security solutions. He’s also the Senior Editor of the Oracle and KPMG Cloud Threat Report, as well as Oracle’s annual CISO Report. “The focus of these efforts is to understand the…
Supply chain security: Five IT strategies for choosing vendors wisely
With the proliferation of SaaS solutions, API integrations and cloud computing, virtually everything in the modern enterprise is connected to untold number of outside entities. In fact, many business processes depend on this connectivity, even when doing so broadens the threat landscape and puts the organization at greater risk. This interconnectedness means that vendor vulnerabilities…
What prevents companies from achieving effective security performance management?
Cybersecurity performance is critical to achieving commercial success, according to a BitSight study. Among the study’s most interesting findings is that nearly two in five (38 percent) of enterprises admit that they have lost business due to either a real or perceived lack of security performance within their organization. Based on a survey of 207…
Security pros need more and better visibility into their cloud networks
In this Help Net Security podcast, Kevin Sheu, VP Product Marketing and Marcus Hartwig, Senior Product Marketing Manager at Vectra AI, discuss the Vectra superhero survey from Black Hat USA 2019, which provides insight into the current cloud adoption and top-of-mind concerns of attendees. The people surveyed were a mix of CISOs, security researchers, security…
