RSA Conference, the world’s leading information security conferences and expositions, today announced the addition of nine new members to its Advisory Board for a total of 16 members across a wide array of positions in the industry. This expansion falls under the governance pillar of the new diversity and inclusion initiative that was also announced today. “We are beyond excited to welcome these nine industry titans to our Advisory Board,” said Sandra Toms, Vice President … More →
The post New additions to RSA Conference Advisory Board bring wealth of industry knowledge appeared first on Help Net Security.
Push Technology released new functionality in their Diffusion Intelligent Data Platform to increase security authentication and authorization handling, facilitate transitioning from REST-based applications to streaming data applications, simplify development of multi-user and collaborative applications, and enhance data compression for large payload distribution applications. The Diffusion Intelligent Data Platform synchronizes, manages, and distributes data among applications, devices, and systems – via web, mobile, and satellite networks.

Security
New security functionality for Authentication and Authorization handling provides … More →
The post Push Technology releases Diffusion Intelligent Data Platform 6.2 appeared first on Help Net Security.
Snow Software (Snow) introduced Snow for SaaS to give organizations visibility to their growing portfolio of SaaS applications in use within their enterprises. Businesses can use that insight to optimize investments, drive operational efficiency, manage risk and compliance and improve their products and services. Business users are deploying SaaS applications to move faster and react to ever-changing business needs. Gartner expects SaaS to reach 45 percent of total application software spending by 2021. Organizations benefit … More →
The post Snow launches SaaS usage visibility to help businesses optimize cloud investments appeared first on Help Net Security.
Amazon Web Services (AWS) launched the AWS GovCloud (US-East) Region, its second GovCloud infrastructure region in the United States. With the launch of the AWS GovCloud (US-East) Region, AWS now provides 57 Availability Zones across 19 geographic regions globally with another 12 Availability Zones and four regions coming online in Bahrain, Hong Kong SAR, South Africa, and Sweden between the end of 2018 and the first half of 2020. The AWS GovCloud Regions meet the … More →
The post Amazon Web Services launches second GovCloud Region in the United States appeared first on Help Net Security.
The Magecart threat looms large for online retailers and their customers, as the criminal groups that have been assigned this collective name are constantly trying out new tricks for stealthily compromising the shops and achieving persistence. According to security researcher Willem de Groot, the Magecart attackers have become so adept at the latter that many online merchants end up having to clean their shops many times. “In the last quarter, 1 out of 5 breached … More →
The post 1 in 5 merchants compromised by Magecart get reinfected appeared first on Help Net Security.
In two weeks, one of the most gruelling security challenges returns to the Middle East! As part of Hack in the Box’s (HITB) return to Dubai after an 8-year gap, the HITB Security Conference will be bringing back a wide range of free to the public hacking games and challenges, including its ever-popular HITB Capture The Flag (CTF) competition. HITB’s CTF competition will see over 20 international teams battle it out in Dubai on 27 … More →
The post HITB Security Conference to feature CTF, free to the public hacking games and challenges appeared first on Help Net Security.
DevOps is concerned with uniting two particular tribes: development and operations. These tribes have seemingly competing priorities: developers value features while operations value stability. These contradictions are largely mitigated by DevOps. A strong argument could be made that the values of the security tribe – defensibility – could just as easily be brought into the fold, forming a triumvirate under the DevSecOps umbrella. The security tribe’s way forward is to find ways to unify with … More →
As 2018 draws to a close, IT and security pros around the country will greet the arrival of budget season with a collective sigh. Negotiating for IT budgets at small or mid-market companies is always a challenge and can be especially difficult if you’re asking for increased security spending from an executive who doesn’t understand the risks of being unprepared for a data breach. However, security budgets are changing rapidly as awareness of security issues … More →
The post What mid-market security budgets will look like in 2019 appeared first on Help Net Security.
An increasing number of M&A transactions may be stalling because of concerns over GDPR compliance, according to a survey of EMEA M&A professionals conducted by Merrill Corporation. Overall, the survey highlights the significant role due diligence plays in determining M&A success, while providing insight into the challenges faced by M&A professionals today. The implementation of the GDPR stood out as a major hurdle for mergers and acquisitions, with more than half of respondents (55 percent) … More →
The post M&A transactions may be stalling due to GDPR compliance concerns appeared first on Help Net Security.
There are significant differences in risk perceptions across the eight regions covered in the World Economic Forum’s Regional Risks for Doing Business report. Over 12,000 executives highlighted concerns ranging from economic to political, societal and technological. Unemployment, failure of national governance and energy price shocks were among the top worries of executives across various regions. Cyber attacks are the number one risk in Europe, East Asia and the Pacific and North America. This points to … More →
The post Cyber attacks ranked as top risk in Europe, North America, East Asia and the Pacific appeared first on Help Net Security.
Responsibility for information security is not falling to any one senior executive function, according to the 2018 Risk:Value report from NTT Security, which surveyed 1,800 senior decision makers from non-IT functions in global organisations.

Responsibility for day-to-day security
At a global level, 22 per cent of respondents believe the CIO is ‘ultimately responsible’ for managing security, compared to one in five (20 per cent) for the CEO and 19 per cent for the CISO. In … More →
The post Narrow gap between CEO, CIO and CISO roles means companies are struggling to secure digital assets appeared first on Help Net Security.
The Linux Foundation and over 30 global technology leaders are forming a new foundation to support the Ceph open source project community. The Ceph project develops a unified distributed storage system providing applications with object, block, and file system interfaces. Founding Premier members of Ceph Foundation include Amihan, Canonical, China Mobile, DigitalOcean, Intel, OVH, ProphetStor Data Services, Red Hat, SoftIron, SUSE, Western Digital, XSKY Data Technology, and ZTE. The Ceph Foundation will organize and distribute … More →
The post The Linux Foundation launches Ceph Foundation to advance open source storage appeared first on Help Net Security.
Ping Identity surveyed more than 3,000 people across the United States, United Kingdom, France and Germany to find out what they expect from brands when it comes to the safekeeping of personal information. The survey reveals many consumers are making drastic changes to the ways they interact with companies and secure their own personal data following a breach: 78 percent of respondents would stop engaging with a brand online and more than one third (36 … More →
The post Consumers would stop engaging with a brand online following a breach appeared first on Help Net Security.
On July 6, 2018 the NIS (Network and Information System) Directive was enacted as the first EU-wide legislation that provides measures to boost security across the region. Under the law, operators of essential services and digital service providers are required to abide by the requirements of the new regulations. These are intended to provide a framework for countries and operators to strengthen the security of critical infrastructures and allied information systems. Any operator with 50 … More →
The post Implications of the NIS Directive for the industrial sector appeared first on Help Net Security.
There have been 3,676 publicly disclosed data compromise events through September 30. Breach activity continues at a consistent pace for 2018, which although significant in level, will likely not reach the numbers we saw in 2017, according to the 2018 Q3 Data Breach QuickView report by Risk Based Security.

Incidents by data type exposed
“The number of reported breaches shows some improvement compared to 2017 and the number of records exposed has dropped dramatically,” said … More →
The post Reported breaches in the first 9 months of 2018 exposed 3.6 billion records appeared first on Help Net Security.
Critical infrastructures are radically transforming on an unprecedented scale, boosted by a rapid adoption of ‘smart’ operational technologies. Cybersecurity is a growing part of that evolution. ABI Research forecasts security spending for the protection of critical infrastructures will hit US$125 billion globally by 2023. Currently, defense contractors (Lockheed Martin, BAE Systems, Harris, Northrop Grumman), industrial OEMs (Honeywell, Siemens, Airbus, Rockwell, Boeing), tech leaders (IBM, Amazon, Microsoft, Verizon), and energy companies (Shell, Total, Exxon) are the … More →
The post Closing the security gap will drive $125 billion critical infrastructure security spending appeared first on Help Net Security.
Here’s an overview of some of last week’s most interesting news and articles:

Five key considerations when developing a Security Operations Center
Organizations should start with the following five key considerations if they are to get the most out of their SOC.

How financial institutions can change the economics of fraud
The volume of data breaches has bolstered fraudsters’ ability to waltz through the front doors of businesses using synthetic identities.

VirtualBox Guest-to-Host escape 0day … More →
The post Week in review: VirtualBox 0day, GPU side channel attacks, vulnerable self-encrypting SSDs appeared first on Help Net Security.
Google has announced that, starting from Chrome 71, users will be explicitly warned when attempting to visit pages that try to trick them into signing up for mobile-based subscription services.

The warning
Pages that ask for users’ mobile phone details but show no information, poorly legible information or even hide information about the subscription will trigger a pop-up warning for users of Chrome mobile, Chrome desktop and Android’s WebView: The warning will also be shown … More →
The post Chrome will start warning users about shady mobile subscription pages appeared first on Help Net Security.
DFLabs open framework enables integration of SOAR and security tools
DFLabs launched a new version of the IncMan SOAR platform that provides an open integration framework for customizing and adding new automated integrations between security tools and IncMan SOAR, without the need for complex coding. This capability enables security teams to add and orchestrate new functions between IncMan SOAR and third party products in order to address requirements and workflows.

New SaltStack Enterprise 5.5 release … More →
The post New infosec products of the week: November 9, 2018 appeared first on Help Net Security.
Thanksgiving comes early this year, but the Microsoft Windows 10 October 2018 Update is coming late. Should we be thankful? Let’s revisit the short history of this release, talk about a serious Bluetooth vulnerability, and look at what may be coming this November Patch Tuesday. I still expect great things from the Microsoft Windows 10 October 2018 Update. I mentioned in the forecast last month the features I’m particularly happy to see are faster updates … More →
The post Round two: Microsoft prepares to release Windows 10 October 2018 Update… again! appeared first on Help Net Security.