Threat Intelligence and the Power of Attribution

Arbor’s Paul Bowen on Where Organizations Miss the Mark with Threat Intel Most organizations are good at collecting threat intelligence, but they struggle to operationalize it – and especially to use it for threat attribution. Arbor Network’s Paul Bowen tells where organizations are commonly missing the mark. Bowen talks about how to maximize threat intelligence […]

Ratings’ Role in Vendor Risk Management

SecurityScorecard’s Sam Kassoumeh on How to Improve Vendor Assessments and Results From GDPR to the NIST Cybersecurity Framework, vendor risk management is a key component of every new piece of cybersecurity guidance. Yet, security leaders still struggle to inventory and assess their strategic partners. Sam Kassoumeh of SecurityScorecard explores the challenges. In an interview at […]

Security Readiness: How Do You Stack Up?

Intel’s David Houlding on the Value of Benchmarking Tool and Data Looking for a way to benchmark your cybersecurity organization against those of your peers? Intel Health and Life Sciences and its partners offer a Healthcare Security Readiness program that provides a benchmarking opportunity, David Houlding explains. In an interview at Information Security Media Group’s […]

A Common Sense Guide to Mitigating Insider Threats

Randy Trzeciak of CERT Reviews the Latest Research Randy Trzeciak of Carnegie Mellon University’s CERT describes the latest edition of the group’s common sense guide to mitigating insider threats and offers an update on his latest research. In a video interview at RSA Conference 2017, Trzeciak: Highlights changes in the new common sense guide; Discusses […]

Gartner’s Avivah Litan on Attribution and Elections

Analyst Offers Insights on Technologies to Improve Digital Attribution and Voter Authentication As threats and threat actors multiply and evolve, digital attribution becomes ever more critical, says Gartner’s Avivah Litan. She discusses how to approach attribution and also offers her take on the technologies that could help secure U.S. elections. In an interview at Information […]

How Cybercriminals Use Facebook

RSA’s Daniel Cohen Describes Use of Social Media to Sell Stolen Cards A new report from threat researchers at RSA describes how cybercriminals are using social media, including Facebook, to not only network about their attacks, but also sell card data and other compromised consumer information – all in open, public forums. Daniel Cohen, head […]

Visa on Growth of Card-Not-Present Fraud

Gord Jamieson Outlines How Canada Is Responding to New Wave of CNP Incidents Canada led North America in EMV adoption, and now it is seeing a commensurate growth in card-not-present fraud. Gord Jamieson of Visa Canada describes how Visa is responding to this latest wave of CNP fraud. Jamieson, senior director of Canada risk services […]

How the Dark Web Presents New Insider Threats

Carnegie Mellon’s Michael Theis Offers Update on Latest Trends Organizations in all sectors need to be aware of newly emerging insider threats, including those tied to the dark web, says Michael Theis of Carnegie Mellon’s CERT Insider Threat Center. “Recently, there’s been some research that’s shown that [criminals on] the dark web have been reaching out […]

Data Security Lessons Healthcare Can Learn From DoD

Dave Summitt Describes Applying Defense Department Strategies to Health Data Protection One important information security lesson that the healthcare sector can learn from the Department of Defense is the value of documentation, says Dave Summitt, who has worked in both sectors. When he made the transition from the defense sector to healthcare seven years ago, […]

Breach Investigations: Switching Sides

Former FBI Agent Jay Kramer on His New Legal Role in the Private Sector When he was an FBI agent, Jay Kramer always preached the importance of having relationships with law enforcement in advance of experiencing a data breach. Now, as a private sector attorney, he can help clients form those relationships. In an interview […]