As attackers become more adept at evading "reactive" security controls and alert mechanisms, proactively analyzing the behaviors of people and systems is critical to detecting malicious activity, says Gartner's Kelly Kavanagh.
Machine learning could be a breakthrough for data classification, addressing fundamental challenges and paving the way to create and enforce automated policies that can be scaled across the enterprise, says Titus CEO Jim Barkdoll.
There is greater awareness to the proliferation of mobile threats, and yet many organizations still underestimate their own vulnerabilities. Brian Duckering of Symantec discusses the rise and maturity of mobile threat defense.
The Food and Drug Administration plans to launch a new digital health "center of excellence" that includes a cybersecurity unit. The new unit would not only deal with cyber issues pertaining to new health technologies, but also challenges facing older medical devices.
At RSA Conference 2018 Asia Pacific & Japan, Information Security Media Group conducted dozens of video interviews with industry thought leaders. Here are the highlights.
WhatsApp has agreed to appoint a grievance officer for India who will handle complaints about fake news. The nation's government had demanded the action in the wake of recent mob violence triggered by fake news spread on the social media platform. But will the appointment have a significant impact?
In Australia, it can take as few as 15 minutes to steal someone's phone number, a type of attack known as SIM hijacking. Such attacks are rising, but mobile operators have no plans to change the authentication required around number porting, which can be set in motion online with minimal personal information.
Email fraud threats have evolved from attackers targeting networks to them focusing on specific individuals within an organization. What can enterprises do to halt these attacks before they reach the inbox? Denis Ryan of Proofpoint shares defensive tactics.
Massive, well-resourced companies are still using live customer data - including their plaintext passwords - in testing environments, violating not just good development practices but also privacy laws. That's yet another security failure takeaway from last year's massive Equifax breach.
One mystery with the recently discovered payment card sniffing attacks against such organizations as British Airways and Newegg has been how attackers might have first gained access to the victims' networks. But a number of cybercrime markets sell such access, in some cases for as little as 50 cents.
Seeking better operational efficiency and ROI, many enterprises have begun significant software automation and orchestration efforts without accounting for the inherent security risks they may bring, says Jeffery Kok of CyberArk.
Credit bureau Equifax has been hit with the maximum possible fine under U.K. law for "multiple failures" that contributed to its massive 2017 data breach, including its failure to act on a critical vulnerability alert issued by the U.S. Department of Homeland Security.
The biggest security budget in the business cannot save you from also suffering one of the biggest breaches. The key is: Do you have the right skills and technology deployed to defend your critical assets? Michael Malone and Ben Johnson of Datashield, an ADT company, make the case for outsourcing.
Hackers are constantly developing new exploits, and updating defenses is not an easy task. Dan Larson of Crowdstrike discusses some the new techniques hackers are using and how to fight them off.
Open source and third-party components help developers build and deploy applications faster. But with increased speed comes greater risks, says Chris Eng of CA Veracode, who offers insights on mitigating those risks.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.com, you agree to our use of cookies.