Schneier on Security

JANUARY 19, 2018

Interesting research: " Long-term market implications of data breaches, not ," by Russell Lange and Eric W. Burger. Abstract : This report assesses the impact disclosure of data breaches has on the total returns and volatility of the affected companies' stock, with a focus on the results relative to the performance of the firms' peer industries, as represented through selected indices rather than the market as a whole.

Marketing 329

Marketing Financial Services Data breaches Healthcare 329

Troy Hunt

JANUARY 10, 2018

India's Aadhaar implementation is the largest biometric system in the world, holding about 1.2 billion locals' data. It's operating in an era of increasingly large repositories of personal data held by both private companies and governments alike. It's also an era where this sort of information is constantly leaked to unauthorised parties; last year Equifax lost control of 145.5 million records on US consumers (this started a series events which ultimately led to me testifying in front of Congre

Hacking 278

Hacking Government Encryption Risk 278

Thales Cloud Protection & Licensing

JANUARY 31, 2018

Data breaches are the new normal. According to our 2018 Global Data Threat Report , 67% of enterprises have been breached, with that percentage rate growing every year. Regardless of the security measures and efforts put in place, organizations need to act as if a successful cyberattack is not a question of “if” but “when.”. As organizations continue to embrace digital transformation, greater amounts of sensitive data is created, stored and transferred in digital form putting more data at risk.

Digital transformation 130

Digital transformation Data breaches Encryption Cloud Migration 130

WIRED Threat Level

JANUARY 16, 2018

Megan Squire doesn’t consider herself to be antifa and pushes digital activism instead, passing along information to those who might put it to real-world use—who might weaponize it.

111

111

Advertisement

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Software

Dark Reading

JANUARY 23, 2018

Following these tips can improve your security visibility and standardize management across hybrid environments.

103

103

eSecurity Planet

JANUARY 9, 2018

IT experts share some their tips on updating IT systems and business processes to comply with the EU's strict new data privacy regulations.

Data privacy 89

Data privacy 89

Troy Hunt

JANUARY 24, 2018

Usually when we talk about information security, we're talking about the mechanics of how things work. The attacker broke into a system due to a reused password, there was SQL injection because queries weren't parameterised or the company got ransomware'd because they didn't patch their things. These are all good discussions - essential discussions - but there's a broader and perhaps even more important one that we need to have and that's about the security culture within organisations.

Education 173

Education CISO Encryption Passwords 173

Thales Cloud Protection & Licensing

JANUARY 25, 2018

This morning we announced, in tandem with our partner 451 Research, the Global Edition of the 2018 Thales Data Threat Report. It’s abundantly clear that medium to larger enterprises (the focus of the report and underlying survey) are finding it harder than ever to protect their sensitive data. The twin drivers of the problem are increased threats and the drive to digitally transform how organizations deliver value and revenue.

Digital transformation 96

Digital transformation Threat Reports Big data Data breaches 96

WIRED Threat Level

JANUARY 7, 2018

The uncanny coincidences among the Meltdown and Spectre discoveries raise questions about "bug collisions"—and the safety of the NSA's hidden vulnerability collection.

111

111

Dark Reading

JANUARY 11, 2018

How security practitioners can incorporate expert knowledge into machine learning algorithms that reveal security insights, safeguard data, and keep attackers out.

Cybersecurity 88

Cybersecurity 88

Advertisement

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

eSecurity Planet

JANUARY 26, 2018

A look at how security vendors that are employing artificial intelligence and machine learning to help IT security teams.

Artificial Intelligence 93

Artificial Intelligence Cybersecurity 93

Schneier on Security

JANUARY 5, 2018

The security of pretty much every computer on the planet has just gotten a lot worse, and the only real solution -- which of course is not a solution -- is to throw them all away and buy new ones. On Wednesday, researchers just announced a series of major security vulnerabilities in the microprocessors at the heart of the world's computers for the past 15-20 years.

Firmware 199

Firmware Software Engineering Phishing 199

Troy Hunt

JANUARY 31, 2018

This is probably the most self-explanatory blog post title I've ever written! But be that as it may, it deserves some explanation as to how I've arrived at this point and like many great ideas, it began over some beers. I've just arrived home to the Gold Coast in Australia which I frequently describe to people as "the sunny part of the sunny country" I'm literally sitting on a beach writing this blog post and frankly, I'd like to spend more time here.

Hacking 168

Hacking Media 168

Thales Cloud Protection & Licensing

JANUARY 4, 2018

We are in the midst of a digital revolution impacting every aspect of our everyday lives. At the center of the revolution is data, which is available in more forms, volume, depth and complexity since the beginnings of the computer revolution. Earlier this year , IDC predicted the world’s volume of data would expand to 163 zettabytes by 2025 – a tenfold rise in the total.

Digital transformation 95

Digital transformation Artificial Intelligence Mobile Technology 95

Advertisement

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

Cybersecurity

WIRED Threat Level

JANUARY 31, 2018

The special counsel is under attack, but if Robert Mueller gets fired, the investigation into Trump’s Russia ties and obstruction of justice could keep going.

111

111

Dark Reading

JANUARY 24, 2018

Major DDoS attacks cost some organizations more than $100,000 in 2017, according to a new NETSCOUT Arbor report.

DDOS 94

DDOS 94

Threatpost

JANUARY 21, 2018

Russian authorities have broken up a crime ring involving a hacker and willing gas-station employees who have used malicious software to cheat customers of gas.

Software 76

Software Government Malware Hacking 76

Schneier on Security

JANUARY 4, 2018

After a week or so of rumors, everyone is now reporting about the Spectre and Meltdown attacks against pretty much every modern processor out there. These are side-channel attacks where one process can spy on other processes. They affect computers where an untrusted browser window can execute code, phones that have multiple apps running at the same time, and cloud computing networks that run lots of different processes at once.

Architecture 183

Architecture 183

Advertiser: Revenera

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

Risk

Troy Hunt

JANUARY 14, 2018

I don't know how many data breaches I'm sitting on that I'm yet to process. 100? 200? It's hard to tell because often I'm sent collections of multiple incidents in a single archive, often there's junk in there and often there's redundancy across those collections. All I really know is that there's hundreds of gigabytes spread across thousands of files.

Data breaches 148

Data breaches Passwords Accountability Media 148

Thales Cloud Protection & Licensing

JANUARY 5, 2018

( Originally posted to CenturyLink’s blog on November 10 ). To help save time and money, a growing number of enterprises are storing sensitive customer data in the public cloud. Increasingly, they’re also leveraging multiple cloud providers. According to IDC, nearly 80% of IT organizations currently deploy multi-cloud or plan to implement multi-cloud environments within 12 months.

Encryption 91

Encryption Technology Media 91

WIRED Threat Level

JANUARY 16, 2018

Vacant buildings are more than just an economic threat. They're also a public safety concern. And it turns out they have their own sort of gravitational pull.

107

107

Dark Reading

JANUARY 24, 2018

To benefit from automation, we need to review incident response processes to find the areas where security analysts can engage in more critical thought and problem-solving.

73

73

Advertisement

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.

Healthcare

Andrew Hay

JANUARY 10, 2018

Whether we like it or not, the way we architect, utilize, and secure the networks and systems under our control has changed. When servers were safely tucked away behind corporate firewalls and perimeter-deployed intrusion prevention controls, organizations became complacent and dependent on their host security. Unfortunately, inadequately architected security controls that rely solely on broad network-based protection can make the migration of an organization’s systems to private, public, and hy

Architecture 68

Architecture Technology Firewall 68

Schneier on Security

JANUARY 26, 2018

On January 3, the world learned about a series of major security vulnerabilities in modern microprocessors. Called Spectre and Meltdown, these vulnerabilities were discovered by several different researchers last summer, disclosed to the microprocessors' manufacturers, and patched­ -- at least to the extent possible. This news isn't really any different from the usual endless stream of security vulnerabilities and patches, but it's also a harbinger of the sorts of security problems we're going t

Manufacturing 176

Manufacturing Software Banking Advertising 176

Troy Hunt

JANUARY 1, 2018

I look back a lot more than what I suspect people realise. Not in a reminiscent way, but rather because I find it helps me put things in perspective. A lot of people like to set personal goals or objectives so that there's something specific they're setting out to achieve but for me personally, I just want to see progress. I want to be able to do these retrospectives - not just on Jan 1 but every day - and say to myself "yeah, I'm happy with how far I've moved ahead" And believe me when

Hacking 116

Hacking Encryption 116

Thales Cloud Protection & Licensing

JANUARY 11, 2018

Cindy Provin is a 20-year veteran at Thales. This month, she became the CEO for Thales eSecurity. Previously, she served as the President for Thales eSecurity Americas, and Chief Strategy & Marketing Officer for Thales eSecurity. In her new role as CEO, Cindy will be responsible for leading a world-class organization and delivering a portfolio of security solutions to protect data wherever it is created, shared or stored.

Digital transformation 89

Digital transformation Marketing Cybersecurity 89

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?

Cybersecurity

WIRED Threat Level

JANUARY 23, 2018

In the haste to address the Meltdown and Spectre vulnerabilities that shook the computer industry, several clumsy patch attempts have had to be pulled.

107

107

Dark Reading

JANUARY 8, 2018

A malware tool for stealthily installing software that mines the Monero virtual currency looks like the handiwork of North Korean threat actors, AlienVault says.

Malware 76

Malware Cryptocurrency Software 76

eSecurity Planet

JANUARY 4, 2018

2018 will bring more high-profile data breaches, with attacks and threats getting increasingly sophisticated. We outline 10 security trends to watch.

Data breaches 72

Data breaches 72

Schneier on Security

JANUARY 29, 2018

It's really hard to estimate the cost of an insecure Internet. Studies are all over the map. A methodical study by RAND is the best work I've seen at trying to put a number on this. The results are, well, all over the map: " Estimating the Global Cost of Cyber Risk: Methodology and Examples ": Abstract : There is marked variability from study to study in the estimated direct and systemic costs of cyber incidents, which is further complicated by the considerable variation in cyber risk in differe

Internet 174

Internet Internet Cyber Risk Risk 174

Advertisement

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

Software