• Combatting human error in cybersecurity

    Mistakes are part of life, but unfortunately in cybersecurity operations, mistakes have the potential to be financially devastating to the business. According to a 2014 IBM study, more than 95 percent of cybersecurity incidents are due to human error. It’s a staggering number, and one that cybercriminals and nation-state adversaries alike are counting on.

    When referring to “mistakes,” even within the context of the information technology field, it can have broad meaning. One of the first things that often comes to mind is poorly secured code or systems misconfigurations¬–the kinds of errors made by busy programmers or overworked systems and network administrators. While these kinds of mistakes do play a part in security breaches, more often than not it’s a far simpler mistake: innocent errors of judgment that are leaving businesses and government networks exposed to massive data loss and financial ruin.

  • Top 3 biggest mistakes enterprises make in application security

    Enterprise information security encompasses a broad set of disciplines and technologies, but at the highest level it can be broken down into three main categories: network security, endpoint security and application security. Network security and endpoint security have advanced greatly in the last few years and enterprises and government agencies have invested appropriately.

  • Cloud security: Essential yet complicated

    In this interview, Ron Zalkind, CTO and co-founder of CloudLock, talks about the top cloud security threats, illustrates how the power of the cloud can influence the agility of a modern security architecture, explains the main difficulties associated with implementing security policies in both public and private clouds, and more.

  • Threat intelligence monitoring and management

    LookingGlass is the world leader in cyber threat intelligence management. They collect and process all source intelligence, connecting organizations to valuable information through their cyber threat intelligence monitoring and management platform.

    In this podcast recorded at Black Hat USA 2015, A.J. Shipley, Vice President, Product Management at LookingGlass, talks about the company's product line and introduces ScoutVision, ScoutInterXect, Virus Tracker, CloudShield, DNS Defender, and Trusted Cyber Solution Orchestrator.

  • If you build it, they will come

    If you build it, they will come. But will you be ready? Will any of us?

    It’s almost impossible to escape the topic of the Internet of Things (IoT). Whatever the technology conversation, the IoT seems to invariably pop up, as a new opportunity to redefine an industry, a new threat to security and privacy, or just as often, both.

  • The insider versus the outsider: Who poses the biggest security risk?

    Today, many organizations are under continuous attack from nation-states or professional cyber criminals. One of the main focuses for IT security teams is stopping intruders from gaining access to assets on the corporate network. However, this strain on IT teams means that when it comes to malicious insiders, a worrying number of organizations almost entirely drop their guard.

  • Solving the third-party risk management puzzle for PCI

    One of the main PCI compliance challenges for businesses is how to accurately document and monitor the payment data and personal information they hold and share with third parties. The complexity of supply chains not only exposes this data to a much greater risk of loss, it also adds uncertainty over where the ultimate responsibility lies in protecting it.

  • Maintaining security during your healthcare merger or acquisition

    With continuous changes in the information security landscape and high profile breaches being announced on a seemingly weekly basis, healthcare providers need to ensure they are properly securing protected health information (PHI). A lack of patient confidence can greatly harm your organization’s reputation and affect your bottom line.

    In this environment, it is the responsibility of healthcare providers’ boards of directors (BoD) to guide their organizations’ cyber security efforts through informed decision making. This means that BoDs should be aware of the types and amount of data it possesses, security controls surrounding this data, risks facing the organization, and cyber security trends within the healthcare industry.

  • Cloud security without borders

    The cloud's growing prevalence is drastically changing the way we do business and conduct our daily lives. As the digital exchange of business and personal information increases, data security and privacy have become an acute problem that we must address.

    In this podcast recorded at Black Hat USA 2015, Philippe Courtot, Chairman and CEO at Qualys, illustrates the mind shift we must make to better address these challenges and highlights new approaches for ensuring data security and privacy.

  • Dealing with a difficult data legacy

    Customer call recording and storage is now standard practice across a variety of industries, as well as a Financial Conduct Authority (FCA) requirement in many cases. But these ‘legacy’ call recordings regularly contain sensitive payment and personal data that must be (but often isn’t) properly safeguarded.

Videos      Podcasts


Hope is not a strategy, we need more healthy paranoia

35 percent of security experts believe leadership within their organization lacks a healthy paranoia, with 21 percent of leadership "relying on hope as a strategy" to avoid a cyber security breach.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Mon, Aug 31st