Infosecurity Opinions
Three Pillars of Docker Security: Visibility, Identification & Tracking
Without tools to manage the security of Docker deployments, organizations risk exposing their containers to attack.
Can Facial Recognition Boost Security and Compliance?
Today facial recognition is a powerful tool used widely by federal agencies and the military, and also emerging as an important component of security solutions for businesses.
Battling the Botnet Armies
Botnet armies have got bigger, more active and more heavily armed than ever before. In the first quarter of 2016, attacks launched by bots reached a record high of 311 million – a 300% increase compared with the same period in 2015, and a 35% increase compared with the final quarter of 2015.
The Importance of a Cyber Incident Response Plan and the Steps Needed to Avoid Disaster
In the immediate aftermath of a breach, organizations should have an incident response plan which includes incident detection as well as incident response. Despite this, we found that a third of organizations do not have an incident response plan in place, and two-thirds of those that do have never tested their plan. It’s like having a plan for a fire drill but never actually executing it.
Lack of Security Has Cyber-Criminals Turning to SMEs
While some SMEs (approximately 23%) have caught on to the potential risk posed by cybercrime, too many are still relying on outdated technology that only provides perimeter security, completely ignoring file-based threats.
Analytics: The Single Key to Simultaneous Security and Productivity
Rather than adding more layers to authentication, the solution lies in contextual analytics.
Why Education Institutions Need a Security Re-Education
Over the last year, there has been an industry spotlight on data breaches, many of which have become front page news. Kaspersky and Experian are just two that had significant media attention.
Teachable Moments: Five Cybersecurity Lessons from Emailgate
FBI Director James Comey delivered a statement this week announcing the FBI does not recommend criminal charges against Hillary Clinton for her use of a private email server during her time as Secretary of State. While the findings of the investigation will be debated extensively, there are five data security lessons contained in the statement that apply to all organizations.
IoT is Finally Here, We All Need to Rethink Our Approach to Security
It has been a long time coming, the concept of millions of devices connected via the internet has been talked about for at least 15 years, but the challenge of getting the hardware costs down to the point of insignificance and working with unreliable and patchy connections has meant that it has taken until now for the idea take hold.
Cybersecurity isn’t Rocket Science!
Thinking about your organization’s data security infrastructure in terms of medieval warfare will actually help you to consider all of the potential threats posed to it, and most importantly, give you the insight you need to create a robust security infrastructure
The Rising Tide of Android Malware
As the mobile market matures, thieves are discovering new ways to exploit this captive audience of mobile users.
Man and Machine: A Match Made in Cybersecurity Heaven
I’m not suggesting that security analysts should be replaced by automated systems, rather, they should complement one another.
Software Defined Security: Going Beyond Traditional Measures
By adopting the SDSec model, businesses can realize the benefits of programmability and automation, which will consequently enable them to respond to today’s security threats in a more dynamic, efficient and intelligent way.
Rebuilding Digital Trust in The Age of The Hack
We now live in an “Allternet” world, where all people, products and places are hyper-connected and fundamental shifts in how we interact and trust each other are emerging.
How Can Your Company Radically Curb Insider Threat?
At Zalando, our internal bug bounty program underlines the need to hack, learn from mistakes, and in the process, develop the most secure products.
Exploiting SS7 Vulnerabilities in Mobile Networks for Criminal Gain
Signaling System Number Seven, or SS7, is a widely-used protocol that enables mobile operators’ subscribers to communicate with each other. At the heart of an operator’s network, SS7 contains highly important data such as a subscriber’s identity, status and location, providing the operator with the ability to manage communications and bill their subscribers for the services they use.
The SS7 Security Threat is Real. How Can MNOs Respond?
It was only a matter of time, but the shortcomings of SS7 have become an issue impossible to ignore.
Data Breaches – Just a Cost of Doing Business or Tip of the Spear for Threats to Business?
Now that major data breaches have become so commonplace, there is a growing perception that they are inevitable costs of doing business and resulting costs need to be paid, with the fallout contained as quickly as possible—and move on.
Metadata as a Divining Rod for Security
Most security tools are not equipped to handle the increases in traffic speed as well as attack frequency
SOC Up and Listen
It’s often said that listening is a skill in itself, and yet we’ve yet to grasp the nuances of listening to network noise. From the chatter on social media, to the deep recesses of the subterranean dark web, there’s now a vast array of data that we need to tap into, monitor and interpret to get advance warning before threats are realized.
