Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
|
2017-09-21 11:00:52 |
Leaking Cloud Databases and Servers Expose Over 1 Billion Records (lien direct) |
According to IBM X-Force, misconfigured cloud databases accounted for more than 71 percent of reported leaked records so far in 2017.
|
|
|
|
|
2017-09-20 13:15:34 |
Have We Been Wrong All Along About Good Password Practices? (lien direct) |
In its new guidelines on secure password practices, NIST recommended using long strings of random words instead of a combination of characters and symbols.
|
|
|
|
|
2017-09-20 12:01:03 |
IBM Named a Leader in Latest IDC Worldwide MarketScape (lien direct) |
IBM was named a leader in the "IDC MarketScape: Worldwide Managed Security Services 2017 Vendor Assessment" for its ability to integrate MSS globally.
|
Guideline
|
|
|
|
2017-09-20 11:30:47 |
Don\'t Sweep Web Application Penetration Testing Under the Rug (lien direct) |
Although it is one of the most crucial components of any security strategy, web application penetration testing is often neglected.
|
|
|
|
|
2017-09-19 12:00:36 |
National IT Professionals Day: Recognizing the Saintly Patience of IT Workers (lien direct) |
CISOs should take a moment to recognize the hard work, patience and resilience of their staffers on National IT Professionals Day.
|
|
|
|
|
2017-09-19 11:15:33 |
Take a Hike: Navigating Your Identity Governance and Administration Process Engineering Journey (lien direct) |
Identity governance and administration process engineering remains a challenge despite growing awareness about the importance of IGA and IAM processes.
|
|
|
|
|
2017-09-19 10:00:41 |
Network Attacks Containing Cryptocurrency CPU Mining Tools Grow Sixfold (lien direct) |
IBM Managed Security Services (MSS) detected a sixfold increase in attacks involving embedded CPU mining tools between January and August 2017.
|
|
|
|
|
2017-09-18 12:10:37 |
Internet-Connected Toys: Cute, Cuddly and Inherently Insecure (lien direct) |
Internet-connected toys may be cute and cuddly, but they can also be hijacked by malicious actors to spy on children and their parents.
|
|
|
|
|
2017-09-18 11:35:35 |
No Time for Techno-Babble: Four Key Traits of Quality CISO Reports (lien direct) |
CISO reports must clearly illustrate how cybersecurity relates to business objectives in a way that board directors can understand.
|
|
|
|
|
2017-09-18 10:40:55 |
Raise the Red Flag: Guidelines for Consuming and Verifying Indicators of Compromise (lien direct) |
Before sharing indicators of compromise, analysts must consider the sensitivity of the data and verify the identities of the senders and receivers.
|
|
|
|
|
2017-09-15 12:05:52 |
Green Security Technology: The New Corporate Color? (lien direct) |
Companies all over the world are going green, but due to budgetary limitations and industry customs, many have yet to adopt green security technology.
|
|
|
|
|
2017-09-15 10:50:09 |
Increased Awareness Is the Best Cure for Health Care Security Risks (lien direct) |
Many health care security risks stem from insufficient leadership and limited resources, which can often be attributed to a lack of security awareness.
|
Guideline
|
|
|
|
2017-09-14 12:45:35 |
The New CISO: Management Through Thought Leadership (lien direct) |
The CISO can positively impact both organizational security and his or her own professional brand through thought leadership.
|
Guideline
|
|
|
|
2017-09-14 11:55:36 |
Downward Trend in Publicly Available Exploit Code? Don\'t Ease Up on Patch Management Just Yet (lien direct) |
IBM X-Force reported a downward trend in publicly available exploit code, but security teams must still prioritize vulnerability and patch management.
|
|
|
|
|
2017-09-14 11:15:32 |
See No Data, Hear No Data, Speak No Data: Overcoming the Challenges of Risk-Focused Data Management (lien direct) |
A risk-focused data management program can help companies identify and protect their prized assets from attackers aiming to steal, publish or destroy them.
|
|
|
|
|
2017-09-13 12:00:36 |
From Suspicious Activity to Suspended Account in Less Than a Minute: Stopping Insider Threats With Automation (lien direct) |
To protect corporate data from insider threats, security teams should leverage cognitive-enabled UBA and IGI solutions to measure users' risk scores.
|
|
|
|
|
2017-09-13 11:55:39 |
Don\'t Constrict Your Cyber Potential in 2017 - Upskill With Python Programming Language (lien direct) |
The highly versatile Python programming language enables developers to write software for penetration testing, web development, applications and more.
|
|
|
|
|
2017-09-13 11:20:41 |
What Do Avocados and Threat Intelligence Have in Common? (lien direct) |
Like a delicious guacamole, security teams need a perfect mix of IP addresses, MD5 checksum hashes and other threat intelligence to protect their networks.
|
|
|
|
|
2017-09-12 16:25:41 |
Brazilian Malware Client Maximus: Maximizing the Mayhem (lien direct) |
A new, upgraded version of remote access malware Client Maximus points to the growing sophistication of cybercriminals in Brazil.
|
|
|
|
|
2017-09-12 11:50:32 |
Frost & Sullivan Report Highlights Rise in Phishing Attacks (lien direct) |
Financial institutions need intelligence-driven fraud detection and prevention solutions to protect customers' sensitive data from phishing attacks.
|
|
|
|
|
2017-09-12 07:30:38 |
Think You Have Plenty of Time to Plan for GDPR? Think Again (lien direct) |
The deadline to achieve compliance with the General Data Protection Regulation (GDPR) is fast approaching, but many companies remain unprepared.
|
|
|
|
|
2017-09-11 12:11:56 |
CTRL-ALT-DELETE Before You Leave Your Seat! Security Awareness and Training Through Positive Reinforcement (lien direct) |
Security leaders should infuse positive reinforcement into their security awareness and training programs to encourage users to adopt best practices.
|
Guideline
|
|
|
|
2017-09-11 11:35:30 |
The CISO\'s Guide to Managing Insider Threats (lien direct) |
To effectively manage and remediate insider threats, the CISO must establish a comprehensive approach to governance, data analysis and incident response.
|
|
|
|
|
2017-09-11 11:20:38 |
e-Signature Security Speeds Government Paperwork Along (lien direct) |
The U.S. Census Bureau hopes to save $1.2 million annually by implementing e-signature technology in its internal personnel evaluation system.
|
|
|
|
|
2017-09-08 12:00:32 |
Money Talks: Speaking the Language of Money to Boost Security Awareness Among CEOs (lien direct) |
CEOs often lack security awareness because IT professionals fail to communicate risks in the context of the organization's bottom line.
|
|
|
|
|
2017-09-08 11:30:31 |
A Basic Model to Measure SIEM Maturity (lien direct) |
Companies looking to improve their ability to protect, control and monitor their technology infrastructures should follow this basic SIEM maturity model.
|
|
|
|
|
2017-09-08 11:10:37 |
Risk Governance: The True Secret Weapon of Cybersecurity (lien direct) |
While security solutions can certainly help organizations fight ransomware and other threats, the best defense is a robust risk governance strategy.
|
|
|
|
|
2017-09-07 13:00:31 |
Security Specialists Discuss Identity and Access Management in the Age of Ransomware (lien direct) |
Security teams should follow identity and access management (IAM) best practices to avoid widespread ransomware attacks such as WannaCry and NotPetya.
|
|
NotPetya
Wannacry
|
|
|
2017-09-07 11:35:30 |
Aiming for a Security Career? Consider a Liberal Arts Degree (lien direct) |
A liberal arts education, supplemented with technical training and extracurricular experience, can set students up for successful careers in cybersecurity.
|
|
|
|
|
2017-09-07 11:10:36 |
Is Your Company Secure by Design? Aligning Security With Business Objectives (lien direct) |
The key to aligning security with business objectives is to make assets secure by design, which gives analysts sufficient visibility to respond to threats.
|
|
|
|
|
2017-09-06 12:00:48 |
Know Your Data and Your Enemies: Establishing a Baseline for Proactive Threat Hunting (lien direct) |
Threat hunting enables security teams to improve incident response speed and accuracy. It also empowers them to remediate threats proactively.
|
|
|
|
|
2017-09-06 11:05:29 |
Operational Integrity and Incident Response for IoT Security (lien direct) |
An incident response plan, basic understanding of the threat landscape and regular security testing are crucial to IoT security.
|
|
|
|
|
2017-09-06 10:00:33 |
Spotlight on Energy and Utilities Sector: Attacks Targeting ICS Systems Projected to Increase (lien direct) |
According to IBM X-Force data, cybercriminals have been targeting industrial control systems in the energy and utilities sector at an increasing rate.
|
|
|
|
|
2017-09-05 12:20:29 |
The Security Leader\'s Expanding Role: Seven Priorities to Drive CISO Success (lien direct) |
Today's CISO needs to be more than just a security leader. The role now demands constant communication, continuous education and acute business sense.
|
Guideline
|
|
|
|
2017-09-05 11:35:30 |
The Time for IT Asset Management Is Now (lien direct) |
Due to the rapidly shifting technology landscape, a robust, dynamic and well-funded IT asset management program is a prerequisite to success in business.
|
|
|
|
|
2017-09-05 10:45:30 |
Seven Steps to Improve Your Security Operations and Response (lien direct) |
Organizations can improve their security operations and response capabilities by adopting a multilayered approach driven by cognitive technology.
|
|
|
|
|
2017-09-01 11:25:27 |
Poor Management of Security Certificates and Keys Leads to Preventable Outages (lien direct) |
Despite significant progress in the area of security certificates, many organizations still suffer preventable outages, according to a recent study.
|
|
|
|
|
2017-09-01 06:00:29 |
Analyze Attack Patterns to Make Your Environment Secure by Design (lien direct) |
By analyzing attack patterns and making their environments secure by design, analysts can control devices remotely without impeding change management.
|
|
|
|
|
2017-08-31 12:10:28 |
Why Machine Learning Is an Essential Tool In the CISO\'s Arsenal (lien direct) |
To protect their networks from malicious insiders, user negligence and other threats, CISOs need advanced machine learning capabilities such as UBA.
|
|
|
|
|
2017-08-31 11:15:30 |
Beyond IT: Finding a Mentor to Help Guide Your Cybersecurity Career (lien direct) |
A seasoned, experienced mentor can be an invaluable resource for an aspiring professional looking to start a successful cybersecurity career.
|
|
|
|
|
2017-08-31 09:10:31 |
Weighing the Benefits and Challenges of Cognitive Adoption (lien direct) |
While it promises to improve quality of life across the globe, many are resistant to widespread cognitive adoption due to fear of change and other factors.
|
|
|
|
|
2017-08-30 12:20:29 |
Keep Intruders Out of Your Network With Proactive Threat Hunting (lien direct) |
Threat hunting promotes a proactive approach to security monitoring and incident response, making it harder for intruders to breach your network.
|
|
|
|
|
2017-08-30 11:50:31 |
IBM Experts Weigh In on the Value of an Industry-Focused Approach to Security (lien direct) |
The IBM Security immune system consists of integrated, industry-focused solutions to help clients across all sectors maximize their security investments.
|
|
|
|
|
2017-08-30 11:05:29 |
The Educator\'s Back-to-School Cybersecurity Checklist: Make Mitigating Command Injection a Priority (lien direct) |
To protect students, parents and teachers from data theft, academic institutions must adopt comprehensive strategies to mitigate command injection attacks.
|
|
|
|
|
2017-08-29 13:00:30 |
IDaaS Providers: This Is How Cloud Identity Service Rapidly Responded to IoT and Mobile Demands (lien direct) |
IDaaS providers such as IBM and solutions like Cloud Identity Service can help organizations accelerate their IAM strategies and onboard SaaS apps.
|
|
|
|
|
2017-08-29 12:10:33 |
Just a Passing Fad? Fidget Spinners and the Malware Sandbox (lien direct) |
A traditional malware sandbox running OS-level analysis is prone to missing sophisticated threats and advanced evasion techniques.
|
|
|
|
|
2017-08-29 11:30:29 |
Need-to-Know Only: Use Encryption to Make Data Meaningless to Prying Eyes (lien direct) |
Data encryption is one of the most basic - and, given the right tools, most effective - ways to protect sensitive information from cybercriminals.
|
|
|
|
|
2017-08-28 12:00:31 |
Man With Machine: Harnessing the Potential of Artificial Intelligence (lien direct) |
Recent advancements in machine learning, deep learning and cognitive security have made artificial intelligence an essential tool for cybersecurity teams.
|
|
|
|
|
2017-08-28 11:30:40 |
Location! Location! Location! Managing and Protecting Critical Data in the Age of Sprawl (lien direct) |
The digital age has created data sprawl, which complicates how organizations locate, classify and secure their critical data.
|
|
|
|
|
2017-08-28 11:05:26 |
Using a Free Online Malware Analysis Sandbox to Dig Into Malicious Code (lien direct) |
A public malware sandbox can be a great substitute for an in-house malware analysis solution - as long as you understand its limitations.
|
|
|
|