Home > RSS Feeds > Security
  • Despite the abundance of publicity over organizations that have been hacked—Target, the U.S. Office of Personnel Management and Ashley Madison, to name just a few—workers still take part in risky device usage that could potentially expose their company to a variety of threats, according to a recent survey from CompTIA. The survey report, "Cyber Secure: A Look at Employee Cybersecurity Habits in the Workplace," reveals that a surprisingly large percentage of employees receive no cyber-security training on the job. As a result, they aren't as familiar with the dangers of malware as they should be, nor are many of them aware of proven protective measures such as two-factor authentication. Meanwhile, many employees consider their work and personal devices as one and the same—often calling up work-related data while connecting through vulnerable public WiFi networks. "The ecosystem of consumer technology is swelling, and the lines that once delineated device use are fading," the report states. "Employees use a variety of personal and corporate tools, but work devices aren't solely used for work purposes [and vice versa]. This blending of data puts the onus on organizations to ensure that employees understand what constitutes 'good' cyber-security hygiene and are equipped with the skills to demonstrate it." An estimated 1,200 U.S. employees took part in the research.

  • We consistently introduce new technologies before we've figured out how to master and manage them. So we must scramble to stay safe from boneheads and bad guys.

  • The disclosure of data breaches began to decline in 2014, according to a report analyzing 10 years of breaches, but that's not necessarily a good thing.

  • Ongoing cyber-security breaches are finally lighting a fire under the seats of corporate directors and board members. But there's still a lot work to be done.

  • The Lower Colorado River Authority deploys a cloud-based security solution that identifies more forms of malware and addresses zero-day threats more effectively.

  • Unfortunately, the security discussion has now shifted from stamping out cyber-threats and malware to managing risk. It looks like the bad guys are winning.

  • Cyber-resilience—the ability of an organization to withstand and effectively respond to cyber-attacks—is widely recognized as a critical capability amid an ever-expanding universe of threats. Yet most organizations are ill-equipped to make themselves cyber-resilient. That ominous disconnect is the overarching takeaway from a recent survey of IT and security executives, "The Resilient Organization: Learning to Thrive Against Threats." The survey, conducted by privacy and security research firm the Ponemon Institute on behalf of incident response vendor Resilient Systems, makes it clear that organizations have a lot of work to do to make themselves cyber-resilient—work they should be making a top priority. Organizations that want to achieve cyber-resilience "must adopt new technologies, improve collaboration across business functions, and have proper CSIRPs [cyber-security incident response plans] in place, among other things, before they can attain that goal," said Ponemon Institute founder Larry Ponemon. "Until then, their organizations remain extremely vulnerable to the next wave of cyber-attacks from increasingly sophisticated and determined hackers."

  • A year before the 2016 presidential election, cyber-security is already emerging as a key issue in debates and discussions, and voters can expect more to come.