How does an advanced threat adversary operate for 10 years, undetected? FireEye APAC CTO Bryce Boland shares details of the decade-long APT30 campaign that targeted organizations in India and Southeast Asia.
Many security pros look askance at "cybersecurity." But Symantec's Sian John says the embrace of that term shows just how much senior executives are beginning to understand the risks their organizations face.
Assessing the risks presented by "digital business" - the new business designs that blur the digital and physical worlds - will be a theme at the 2015 Gartner Security and Risk Management Summit, says Andrew Walls, event chairman.
To help organizations discover what they don't know is happening on their networks, Darktrace uses machine learning to create advanced baselines of normal behavior, then sounding alarms when it sees deviations.
Cybercrime continues to evolve, offering an ever-increasing array of niche capabilities, ranging from attack techniques and infrastructure to related research and sales services, warns Trend Micro's Bharat Mistry.
The method the Internal Revenue Service used to authenticate users, which failed to keep sophisticated hackers from breaching a taxpayer-facing system, has been widely criticized by cybersecurity experts.
A game-changing impact of the Edward Snowden leaks about previously secret National Security Agency surveillance activities is the increased use of encryption, such as to protect email, says Peter Swire, a former White House chief privacy counsel.
Vendors' and software makers' over-reliance on security messages and warnings has left users habituated to them, thus rendering such alerts less effective or even worthless, warns cybersecurity expert Alan Woodward.
In an exclusive interview, independent security researcher Billy Rios describes security vulnerabilities that he discovered last year in medical infusion pumps, which led two federal agencies to issue recent warnings.
Citing as inspiration the Manhattan Project, in which the United States developed the atomic bomb during World War II, Sam Visner is leading an effort to get cybersecurity researchers to collaborate in developing new ways to defend cyberspace.
In addition to providing training, healthcare organizations should consider implementing technology to help prevent user mistakes that can lead to breaches of protected health information, says Geoffrey Bibby of ZixCorp.
Dick Williams, CEO of digital security firm Webroot, says the cybersecurity profession needs more than just technical experts. Learn why he says firms will seek out those who can understand the behaviors of cyber-attackers.
Although the 2015 Healthcare Information Security Today survey shows improving regulatory compliance is priority No. 1, CISO Cris Ewell of Seattle Children's Hospital suggests building a strong information security program should be a higher priority.
Former RSA Chairman Art Coviello has re-emerged as a partner with venture capital firm Rally Ventures. What's it like to transition from creating new security solutions to discovering and nurturing them?