A report on the implications of failing to notify manufacturers of security flaws in their medical devices and a conversation with internet co-founder Vint Cerf highlight the latest edition of the ISMG Security Report.
Data centers are difficult to defend, and securing the perimeter is important but of little consequence if attackers get inside. But there are ways to lock down data centers, former White House strategist Nathaniel Gleicher explains in this interview.
The way the U.S. federal government funds information technology served as a major contributor to last year's breach of computers at the Office of Personnel Management that exposed 21.5 million records, says Federal Chief Information Officer Tony Scott.
Intelligence agencies sometimes seek out and develop exploits for the very technology that their nation's organizations rely on to secure their data. In an interview, cybersecurity expert Alan Woodward offers insights on how information security professionals should respond.
In an interview, Internet pioneer Vint Cerf says he sees a secure future for the network of networks he helped create four decades ago as the co-developer of TCP/IP, the protocol that facilitates internet communications.
A report on an FBI warning to state election officials that their IT systems could be hacked leads the latest edition of the ISMG Security Report. Also, Australian officials mull bitcoin technology to secure elections.
To keep up with emerging threats, banks and other organizations in Saudi Arabia and throughout the region must develop much more mature incident response functions, says Mohammed Almozaiyn, who heads incident response for a leading Saudi bank.
Why is the Asia-Pacific region lagging far behind Europe and the United States in detecting data breaches? Rob van der Ende, vice president at FireEye's Mandiant, analyzes the results of the firm's new M-Trends Report 2016 for the Asia-Pacific Region and pinpoints breach detection shortcomings.
A report exploring how some organizations have been stockpiling bitcoins to use to pay off attackers if, or when, they become victimized by ransomware attacks leads the latest edition of the ISMG Security Report.
The process of managing software vulnerabilities inside the enterprise is complicated by the sheer number of patches that must be assessed, applied, tested and rolled out, says Wolfgang Kandek of Qualys, who offers suggestions on how to better focus those efforts.
Many organizations take months or years to discover they've been victimized by breaches because they lack experienced cybersecurity personnel, says employment researcher David Foote. The "maturing of the workforce" will take considerable time, he says in an interview.
The surge in data breaches and the pervasiveness of malware, especially ransomware, has led to a surge in security technology startup firms, which makes it much tougher for CISOs to choose the right business partners in the overcrowded marketplace, argues Raimund Genes, CTO at Trend Micro.
Security spending - as a percentage of IT budgets - in recent years has been getting out of hand, says Chris Richter of Level 3 Communications, who offers suggestions for how to better keep costs under control.