Troy Hunt: Why Data Breaches Persist

Mathew J. Schwartz • June 20, 2019

Bad news for anyone who might have hoped that the data breach problem was getting better. "Anecdotally, it just feels like we're seeing a massive increase recently," says Troy Hunt, the creator of the free "Have I Been Pwned?" breach-notification service. Unfortunately, he says, the problem is likely to worsen.

Blockchain & Cryptocurrency

Two Weekend Outages, Neither a Cyberattack

Latest

Incident & Breach Response

Best Practices for Cyberattack Prevention and Response

Mathew J. Schwartz • June 20, 2019

Organizations that want to ensure they have a solid cybersecurity strategy must ensure they rigorously pursue best practices, monitor their infrastructure, eliminate vulnerabilities as well as prepare for the worst, says Andrew Gogarty of Secon Cyber.

Next-Generation Technologies & Secure Development

Cybersecurity's Automation Imperative

Mathew J. Schwartz • June 20, 2019

With cybersecurity becoming ever more difficult to monitor and manage, and product and data overload triggering cyber fatigue among cybersecurity professionals, organizations must embrace more autonomous approaches, says Censornet's Richard Walters.

Governance

The Need for a 'Zero Trust' Approach

Nick Holland • June 20, 2019

The perimeter is now both external and internal, which is why organizations must move to a "zero trust" model, says Pete Nourse of Veriato.

Governance

Act Fast: Best Practices for Arresting Spoofed Domains

Mathew J. Schwartz • June 20, 2019

Organizations are increasingly relying on threat intelligence to help them better identify malicious behavior before it hits the network - or users encounter it - including using domain name system analysis to track emerging campaigns, says Corin Imai of DomainTools

Cyberwarfare / Nation-state attacks

22 State Attorneys General Seek Election Security Help

Scott Ferguson • June 19, 2019

A group of 22 state attorneys general, mainly from Democratic-leaning states, are demanding Congress offer local officials more support - including grants and equipment standards - to improve election infrastructure security in the run-up to the 2020 presidential contest.

Cybercrime

AMCA Bankruptcy Filing in Wake of Breach Reveals Impact

Marianne Kolbasuk McGee • June 19, 2019

The parent company of American Medical Collection Agency has filed for bankruptcy in the wake of a data breach affecting millions of patients. The filing provides an inside look at the "cascade of events" and financial havoc wreaked by a security incident.

Artificial Intelligence & Machine Learning

Step Away From the Artificial Intelligence

Mathew J. Schwartz • June 19, 2019

Why does everyone keep mislabeling machine learning - a proven technique for helping organizations to improve their security posture - as artificial intelligence? "I'm so tired of the AI buzzword bingo," says John Matthews, CIO of ExtraHop Networks.

Governance

Cisco on Cybersecurity: Targeting Optimal Protection

Mathew J. Schwartz • June 19, 2019

Defending organizations against attackers is more challenging than ever. "The complexity and sophistication of the threats has increased," says Cisco's Mark Weir. "What we're seeing a lot of at the moment as well is intellectual property theft."

Advanced SOC Operations / CSOC

Network Security Policy Management: Seeking Visibility

Mathew J. Schwartz • June 19, 2019

Visibility, or a lack thereof, continues to challenge organizations as they attempt to protect their businesses by knowing which systems, applications and data they have, says AlgoSec's Jeffrey Starr. He discusses how centralized visibility, control and automation can help.

Security Operations

The State of the SOC

Nick Holland • June 19, 2019

Managing a security operations center is fraught with challenges, says Stephen Moore of Exabeam, who outlines the findings of a new "State of the SOC" report.

Application Security

Cloud and Container Adoption: The Visibility Imperative

Mathew J. Schwartz • June 19, 2019

As organizations pursue digital transformation initiatives backed by new application deployment techniques, they must ensure that security, operations and development teams fully coordinate, says Marco Rottigni of Qualys.

Artificial Intelligence & Machine Learning

How to Block Advanced Threats

Mathew J. Schwartz • June 19, 2019

After years of organizations being stuck in a reactive security posture, proactive prevention is finally possible thanks to machine learning backed by AI math models, says BlackBerry Cylance's John McClurg.