Home > RSS Feeds > Security
  • The disclosure of data breaches began to decline in 2014, according to a report analyzing 10 years of breaches, but that's not necessarily a good thing.

  • Ongoing cyber-security breaches are finally lighting a fire under the seats of corporate directors and board members. But there's still a lot work to be done.

  • The Lower Colorado River Authority deploys a cloud-based security solution that identifies more forms of malware and addresses zero-day threats more effectively.

  • Unfortunately, the security discussion has now shifted from stamping out cyber-threats and malware to managing risk. It looks like the bad guys are winning.

  • Cyber-resilience—the ability of an organization to withstand and effectively respond to cyber-attacks—is widely recognized as a critical capability amid an ever-expanding universe of threats. Yet most organizations are ill-equipped to make themselves cyber-resilient. That ominous disconnect is the overarching takeaway from a recent survey of IT and security executives, "The Resilient Organization: Learning to Thrive Against Threats." The survey, conducted by privacy and security research firm the Ponemon Institute on behalf of incident response vendor Resilient Systems, makes it clear that organizations have a lot of work to do to make themselves cyber-resilient—work they should be making a top priority. Organizations that want to achieve cyber-resilience "must adopt new technologies, improve collaboration across business functions, and have proper CSIRPs [cyber-security incident response plans] in place, among other things, before they can attain that goal," said Ponemon Institute founder Larry Ponemon. "Until then, their organizations remain extremely vulnerable to the next wave of cyber-attacks from increasingly sophisticated and determined hackers."

  • A year before the 2016 presidential election, cyber-security is already emerging as a key issue in debates and discussions, and voters can expect more to come.

  • Distributed denial-of-service (DDoS) attacks are nothing new. However, the methods are changing, and organizations that do not adapt to today's threat environment put themselves at risk. A recently released report, "Neustar DDoS Attacks & Protection Report: North America and EMEA," identifies a number of key trends. Among them: Hackers are using smaller and more sustained attacks to distract IT organizations while they install malware in order to steal a company's intellectual property, trade secrets, customer or employee information, and other valuable data. The report, based on a survey of 800 executives and professionals based in the United States, Europe and the Middle East, found that there's big money involved in today's attacks, and most attacks are substantial enough to cause significant trouble for organizations. In many cases, enterprises are caught off guard during a DDoS attack, and managers and executives don't realize the company has been infected until customers or third-parties alert them. This can lead to serious consequences. Here are some key findings from the report: