• The challenges of data classification

    We are living in a data driven society with globalizing economies, data transfer, and ubiquitous access to everything from everywhere. From information gateways, websites, file shares, and web applications, to instant messaging and on-premises and cloud collaboration systems, data is free-flowing both within and outside an organization’s walls.

  • Drone detection: What works and what doesn't

    Another drone was discovered flying in restricted air space around the White House two weeks ago. The Secret Service found the pilot simply because they happened to see him. In other words, there is no indication that the Secret Service would have found the pilot if he had not been in plain view. This person didn’t have bad intentions, but one day someone will. A little drone-detection education is in order.

  • Breach detection: Five fatal flaws and how to avoid them

    These days, it is not about defending a (non-existent) perimeter, but about protecting the organization’s attack surface, which has changed dramatically due to the cloud, mobility, BYOD, and other advances in corporate computing that have caused fundamental shifts in network architecture and operations.

    Practically speaking, it means you need to monitor what is occurring inside the firewall just as much (if not more) than what’s “outside” trying to make its way in.

  • How businesses can stem the flow of leaky data

    The privacy and security of corporate data is at risk like never before. Not only are businesses faced with an ever-growing variety of security threats, from sophisticated, targeted attacks, to new zero-day vulnerabilities and state-sponsored espionage, they also need to deal with the sharing habits of their employees.

  • Internet of Things: Whose data is it, anyway?

    Everywhere you look, it seems to be that everything is becoming “smart”. On my wrist, I frequently wear a smart watch that monitors how many steps I take, what my heart rate is, and so on. At home, a smart thermostat can be controlled via an app, or even be programmed based on my own behavior. I can even have a camera that will either let me see who’s at the door, or let me talk to my cats while I’m in the office.

    All of these devices are generating one thing: data. The smartwatch is keeping track of my health data. The thermostat is keeping track of what’s going on inside my home. The cameras are keeping track of what they see and when they are turned on. A lot of this data is passed on to the providers of these services, which frequently say they are “free”.

  • Why insider threats are succeeding

    Data leaks and other news events over the past few years have brought insider threats to the forefront of public attention, but most companies still lack the means or motivation to protect themselves from malicious insiders.

    The effects of insider threats are simply too big to ignore. In the most recent year on record, U.S. organizations suffered $40 billion in losses due to employee theft and fraud. According to a report by the market research company Forrester, 46 percent of nearly 200 technology decision-makers reported internal incidents as the most common cause of the breaches they experienced in the past year. Out of those respondents, almost half said the breach stemmed from a malicious insider.

  • The importance of encryption and key management for security practitioners

    In this podcast recorded at RSA Conference 2015, Tsion Gonen, Chief Strategy Officer at Gemalto, talks about how if you're going to do encryption, make sure you do it right. Encryption done wrong is worse than nothing. You have to think about centrally, efficiently, and securely managing and storing cryptographic keys and policies - across the key management lifecycle and throughout the enterprise.

  • The importance of good threat intelligence

    The cyber-threats our organizations face are continuing to evolve, partly in respect to the broadening motivations behind attacks, and partly due to the increased sophistication of the attacks themselves. We have all seen the motivations behind cyber-attacks broaden over the last few years, with extortion, vandalism, ideological hacktivism, data-theft and financial fraud all regularly in the news.

    On the technical side of things, toolkits and obfuscation techniques are readily and cheaply available within the cyber-criminal community. And of course we have state-associated threat-actors who have significant resources behind them to develop and utilize new tools and exploits.

  • There’s no security without trust

    Trust. It’s a small word but it conveys a lot. To many it is the cornerstone of security, because without trust there can be no security.

    To operate securely in the online world, businesses need to trust the technology they use. These same organizations need to trust their partners and suppliers, especially when they have access to the organization’s data and systems. They need to trust their staff to follow policies, to apply what they learn from security awareness sessions, and to use the tools provided to them to keep their activities secure.

  • Global black markets and the underground economy

    Adam Tyler is the Chief Innovative Officer at CSID. In this interview he discusses global black markets, what type of information is most valuable for cybercriminals, modern malware, and much more.

Videos      Podcasts


Whitepaper: 10 things your next firewall must do

For enterprises looking at Next-Generation Firewalls, the most important consideration is: will this new technology empower your security teams to securely enable applications to the benefit of the organization? It's not about blocking applications, but safely enabling them.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Fri, May 29th