Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
![securityintelligence.webp](./Ressources/img/securityintelligence.webp) |
2017-05-30 10:21:14 |
When a Cyber Crisis Hits, Know Your OODA Loops (lien direct) |
OODA loops can help System 1-thinking security professionals react swiftly to cyberattacks and embrace an intuitive approach to incident response.
|
|
|
|
![securityintelligence.webp](./Ressources/img/securityintelligence.webp) |
2017-05-26 12:36:09 |
Security Awareness: Three Lessons From Health Campaigns (lien direct) |
Health care initiatives such as the campaign to encourage proper hand-washing can serve as blueprints for CISOs seeking to drive security awareness.
|
|
|
|
![securityintelligence.webp](./Ressources/img/securityintelligence.webp) |
2017-05-26 12:01:13 |
Using Security Intelligence to Detect Insider Threats From Cloud-Based Applications (lien direct) |
Security intelligence solutions such as QRadar UBA enable analysts to detect potentially malicious activity on Microsoft Office 365 cloud-based apps.
|
|
|
|
![securityintelligence.webp](./Ressources/img/securityintelligence.webp) |
2017-05-26 11:21:12 |
Personalizing Energy Security With Robust Analytics (lien direct) |
To deliver the level of personalization today's prosumers demand, utilities must support their energy security strategies with predictive analytics.
|
|
|
|
![securityintelligence.webp](./Ressources/img/securityintelligence.webp) |
2017-05-25 15:21:13 |
Unwrapping the Mystery: Did a Big, Slimy Internet Worm Make Hundreds of Organizations WannaCry? (lien direct) |
IBM X-Force revealed that WannaCry spread to its targets like a computer worm. But unlike a classic worm, it carried a malicious payload of ransomware.
|
|
Wannacry
|
|
![securityintelligence.webp](./Ressources/img/securityintelligence.webp) |
2017-05-25 12:01:14 |
Incident Response: Planning for the Attack Before It Happens (lien direct) |
An effective backup strategy is simply one part of a larger security and incident response plan, which should be developed proactively.
|
|
|
|
![securityintelligence.webp](./Ressources/img/securityintelligence.webp) |
2017-05-25 10:21:14 |
Don\'t Leave Home Without These Five Travel Security Tips (lien direct) |
Tourists should follow these travel security best practices to protect their devices and data from cybercriminals, especially in foreign countries.
|
|
|
|
![securityintelligence.webp](./Ressources/img/securityintelligence.webp) |
2017-05-24 12:56:08 |
Don\'t Sit Back and Wait for Security Risks to Disappear (lien direct) |
Many IT leaders and executives simply accept security risks as a result of poor decisions based on fear, misinformation and flawed insights.
|
Guideline
|
|
|
![securityintelligence.webp](./Ressources/img/securityintelligence.webp) |
2017-05-24 12:01:13 |
Empower Your Employees to Become Security Awareness Champions (lien direct) |
Security leaders must tailor their security awareness training programs to the particular needs and goals of the employees in their departments.
|
Guideline
|
|
|
![securityintelligence.webp](./Ressources/img/securityintelligence.webp) |
2017-05-24 11:11:11 |
Stopping Threats in Their Tracks With Proactive Monitoring (lien direct) |
An effective response to an advanced threat such as WannaCry can be broken down into two phases: vulnerability management and proactive monitoring.
|
|
Wannacry
|
|
![securityintelligence.webp](./Ressources/img/securityintelligence.webp) |
2017-05-23 14:06:08 |
Zombie Cloud Data: What Your Delete Key May Not Delete (lien direct) |
Zombie cloud data - information that lingers in the cloud even after a user supposedly deletes it - can open organizations to data theft and noncompliance.
|
|
|
|
![securityintelligence.webp](./Ressources/img/securityintelligence.webp) |
2017-05-23 12:01:12 |
Cybercrime Has Become a Commodity (lien direct) |
Cybercrime tools available through private networks and on the Dark Web make it easier than ever for would-be fraudsters to infiltrate networks.
|
|
|
|
![securityintelligence.webp](./Ressources/img/securityintelligence.webp) |
2017-05-23 10:51:10 |
GootKit Malvertising Brings Redirection Attacks to Italian Banks (lien direct) |
The cybergang behind GootKit followed up its recent U.K. activity by launching redirection attacks at Italian banking services.
|
|
|
|
![securityintelligence.webp](./Ressources/img/securityintelligence.webp) |
2017-05-22 17:11:11 |
Blocking Bad: The Importance of Blocking and Virtual Patching (lien direct) |
Blocking refers to the practice of deploying network security devices to block threats as they traverse the network.
|
|
|
|
![securityintelligence.webp](./Ressources/img/securityintelligence.webp) |
2017-05-22 16:31:10 |
Health Care and Ransomware: A Marriage Made in Hades (lien direct) |
A widespread ransomware attack such as WannaCry can cause problems for any business. For a health care organization, it can cause an utter catastrophe.
|
|
Wannacry
|
|
![securityintelligence.webp](./Ressources/img/securityintelligence.webp) |
2017-05-22 11:56:07 |
Incorporate Application Security Checks and Balances Into Your Organization\'s Citizen Developer Initiatives (lien direct) |
Citizen developer programs can reduce costs and boost efficiency, but they require heightened vigilance when it comes to application security.
|
|
|
|
![securityintelligence.webp](./Ressources/img/securityintelligence.webp) |
2017-05-22 10:31:10 |
Cybersecurity Hiring Woes? Time to Consider a New Collar Approach (lien direct) |
IBM is leading an industrywide effort to close the IT skills gap by hiring new collar professionals who lack formal degrees but possess requisite skills.
|
Guideline
|
|
|
![securityintelligence.webp](./Ressources/img/securityintelligence.webp) |
2017-05-19 12:01:11 |
Unapplied Knowledge: Using Endpoint Intelligence to Earn an A-Plus in Security (lien direct) |
Security professionals can now add the previously unapplied knowledge from IBM BigFix to the existing set of data available through QRadar.
|
|
|
|
![securityintelligence.webp](./Ressources/img/securityintelligence.webp) |
2017-05-19 11:31:09 |
Traditional Approaches to User Security Training Are Creating Unnecessary Risks (lien direct) |
To make user security training more effective, IT leaders must engage employees with a more creative - and less boring - approach.
|
Guideline
|
|
|
![securityintelligence.webp](./Ressources/img/securityintelligence.webp) |
2017-05-19 10:41:13 |
MaaS360: A GDPR-Ready Unified Endpoint Management Solution (lien direct) |
MaaS360 helps security analysts assess, update and safely store data to achieve and maintain compliance with the GDPR before it takes effect in May 2018.
|
|
|
|
![securityintelligence.webp](./Ressources/img/securityintelligence.webp) |
2017-05-18 12:21:12 |
The Road to 2020, Part III: Transforming Your Enterprise With Cognitive Security (lien direct) |
The latest UEM and cognitive security offerings enable analysts to effectively collect, collate and analyze what was once an overwhelming volume of data.
|
|
|
|
![securityintelligence.webp](./Ressources/img/securityintelligence.webp) |
2017-05-18 11:56:07 |
How Basic Endpoint Patching Helps Protect Against Ransomware and Other Attacks (lien direct) |
Effective defense against large-scale ransomware attacks such as WannaCry starts with basic endpoint protection and patch management.
|
|
Wannacry
|
|
![securityintelligence.webp](./Ressources/img/securityintelligence.webp) |
2017-05-18 11:11:08 |
Overcoming the Skills Gap With On-the-Job Training (lien direct) |
Organizations can address the cybersecurity skills gap by looking to tap the pool of millennials entering the information security workforce.
|
|
|
|
![securityintelligence.webp](./Ressources/img/securityintelligence.webp) |
2017-05-17 14:31:09 |
Lessons Learned From the WannaCry Ransomware Attack and Many Others That Preceded It (lien direct) |
The best strategy to defend against the WannaCry ransomware attack and similar events is to adopt tools to prevent them from occurring in the first place.
|
|
Wannacry
|
|
![securityintelligence.webp](./Ressources/img/securityintelligence.webp) |
2017-05-17 12:21:12 |
Security Is an Organizational Behavior Problem (lien direct) |
Security is often viewed as a technology problem, but many vulnerabilities can be traced back to flaws and inconsistencies in organizational behavior.
|
|
|
|
![securityintelligence.webp](./Ressources/img/securityintelligence.webp) |
2017-05-17 11:51:07 |
Not-So-Terrible Twos: IBM X-Force Exchange Celebrates Its Second Birthday (lien direct) |
Since its inception two years ago, the IBM X-Force Exchange has grown into a comprehensive hub for industrywide threat intelligence collaboration.
|
|
|
|
![securityintelligence.webp](./Ressources/img/securityintelligence.webp) |
2017-05-16 17:01:12 |
Simplifying Malware Analysis for the C-Suite and Security Operations (lien direct) |
IBM X-Force Malware Analysis on Cloud is a SaaS solution that helps analysts identify malware and shorten the time to remediate a potential infection.
|
|
|
★★★★★
|
![securityintelligence.webp](./Ressources/img/securityintelligence.webp) |
2017-05-16 11:26:10 |
Apache Struts 2: A Zero-Day Quick Draw (lien direct) |
It took fraudsters less than 24 hours after the disclosure of a previously unknown Apache Struts 2 vulnerability to develop a Python script to exploit it.
|
|
|
|
![securityintelligence.webp](./Ressources/img/securityintelligence.webp) |
2017-05-15 14:01:10 |
The Looming Threat of Health Care IoT Devices (lien direct) |
The influx of health care IoT devices, both approved and unsanctioned, is creating unprecedented security concerns for hospital IT departments.
|
|
|
★★★★
|
![securityintelligence.webp](./Ressources/img/securityintelligence.webp) |
2017-05-14 17:05:24 |
WannaCry Ransomware Spreads Across the Globe, Makes Organizations Wanna Cry About Microsoft Vulnerability (lien direct) |
The operators of malware known as WannaCry/WanaCrypt0r 2.0 are believed to have caused the biggest ransomware attack ever recorded.
|
|
Wannacry
|
|
![securityintelligence.webp](./Ressources/img/securityintelligence.webp) |
2017-05-12 12:01:08 |
More Than Meets the Eye: Five Common Misunderstandings About SIEM Solutions (lien direct) |
SIEM solutions are not meant to prevent security breaches. Rather, they are designed to strengthen the organization's overall security posture.
|
|
|
|
![securityintelligence.webp](./Ressources/img/securityintelligence.webp) |
2017-05-12 11:51:06 |
100-Day Government IT Roundup: Immigration, Innovation and Information Security in Trump\'s America (lien direct) |
The state of government IT was a central issue during last year's election and continues to drive decision-making within Trump's administration.
|
|
|
|
![securityintelligence.webp](./Ressources/img/securityintelligence.webp) |
2017-05-11 13:01:15 |
GootKit Launches Redirection Attacks in the UK (lien direct) |
X-Force researchers discovered that the cybergang behind the GootKit banking Trojan recently began launching redirection attacks in the U.K.
|
|
|
|
![securityintelligence.webp](./Ressources/img/securityintelligence.webp) |
2017-05-11 11:46:06 |
The Road to 2020, Part II: Transforming Your Enterprise With IoT (lien direct) |
To protect sensitive data from emerging threats associated with the rise of the IoT, security analysts must adopt a centralized approach to UEM.
|
|
|
|
![securityintelligence.webp](./Ressources/img/securityintelligence.webp) |
2017-05-11 11:20:07 |
A Fast Start to Your Security Immune System (lien direct) |
To set your security immune system on the right track, begin by assessing the controls in place, identifying gaps and generating a road map of initiatives.
|
|
|
|
![securityintelligence.webp](./Ressources/img/securityintelligence.webp) |
2017-05-10 14:01:09 |
The Hidden Privacy Issues With Windows 10: The Injection of Ads and How to Improve Your Online Privacy (lien direct) |
While its latest editions both feature security enhancements, Windows 10 users should still follow these best practices.
|
|
|
|
![securityintelligence.webp](./Ressources/img/securityintelligence.webp) |
2017-05-10 11:56:04 |
Compliance Does Not Always Cure Health Care Security Woes (lien direct) |
Compliance should be viewed as a framework to facilitate security, not a magic wand to make threats and vulnerabilities disappear.
|
|
|
|
![securityintelligence.webp](./Ressources/img/securityintelligence.webp) |
2017-05-10 11:31:07 |
Vulnerability Management in the Age of Analytics (lien direct) |
An effective vulnerability management strategy requires and continuous visibility into endpoint activity and real-time control over devices in a network.
|
|
|
|
![securityintelligence.webp](./Ressources/img/securityintelligence.webp) |
2017-05-09 13:01:07 |
Is the CISO Job Market Overcrowded? (lien direct) |
The CISO job market is full of qualified and underemployed security leaders champing at the bit to provide value to organizations.
|
Guideline
|
|
|
![securityintelligence.webp](./Ressources/img/securityintelligence.webp) |
2017-05-09 11:46:04 |
The Cognitive Analyst and Artificial Intelligence (lien direct) |
It's natural for security professionals to be nervous, but Watson is designed to augment the role of the cognitive analyst, not replace it entirely.
|
|
|
|
![securityintelligence.webp](./Ressources/img/securityintelligence.webp) |
2017-05-09 11:01:06 |
Closing the Cybersecurity Skills Gap With a New Collar Approach (lien direct) |
In response to the ever-widening cybersecurity skills gap, many organizations are hiring new collar workers to fill open IT positions.
|
|
|
|
![securityintelligence.webp](./Ressources/img/securityintelligence.webp) |
2017-05-08 13:06:03 |
The IT Gig Economy: Are Freelances or FTEs Your Best Fit? (lien direct) |
While CISOs may prefer to hire full-time security professionals, many organizations are leveraging the gig economy to bridge the cybersecurity skills gap.
|
|
|
|
![securityintelligence.webp](./Ressources/img/securityintelligence.webp) |
2017-05-08 11:56:02 |
Five Whys: Lessons From the World of Incident Investigations (lien direct) |
Cybersecurity is all about asking the right questions. The Five Whys method can help analysts prevent near misses from becoming full-blown incidents.
|
|
|
|
![securityintelligence.webp](./Ressources/img/securityintelligence.webp) |
2017-05-08 11:11:06 |
Cybersecurity Leadership in Transition: A View From the Classroom (lien direct) |
Cybersecurity leadership courses traditionally focus on imparting subject matter expertise, but the next generation of CISOs must also be trusted advisors.
|
Guideline
|
|
|
![securityintelligence.webp](./Ressources/img/securityintelligence.webp) |
2017-05-05 12:46:16 |
Threat Intelligence in the Age of Cyber Warfare (lien direct) |
In the age of cyber warfare, security analysts must determine which assets are most critical and prioritize their defense strategies accordingly.
|
|
|
|
![securityintelligence.webp](./Ressources/img/securityintelligence.webp) |
2017-05-05 12:01:07 |
The Competing Claims of Security Vendors Sow Customer Distrust (lien direct) |
There is no such thing as a magic bullet for security. When security vendors push their products too hard, customers grow skeptical of the entire industry.
|
|
|
|
![securityintelligence.webp](./Ressources/img/securityintelligence.webp) |
2017-05-05 11:06:02 |
Building a Holistic Cyberhealth Immune System (lien direct) |
The health care security immune system maps to integrated services and products, addressing specific health care concerns and preventing cyberattacks.
|
|
|
|
![securityintelligence.webp](./Ressources/img/securityintelligence.webp) |
2017-05-04 15:01:07 |
Neverquest Gang Takes Leave - Is It the End of the Quest? (lien direct) |
IBM X-Force researchers recently observed a massive drop in Neverquest malware campaigns. Is it the end of an era for this Trojan?
|
|
|
|
![securityintelligence.webp](./Ressources/img/securityintelligence.webp) |
2017-05-04 12:11:11 |
Taming the Open Source Beast With an Effective Application Security Testing Program (lien direct) |
Application security testing is the only way to prevent open source vulnerabilities from becoming a huge problem in the enterprise.
|
|
|
|
![securityintelligence.webp](./Ressources/img/securityintelligence.webp) |
2017-05-04 11:46:09 |
The Road to 2020, Part I: Transforming Your Enterprise With UEM (lien direct) |
Unified endpoint management (UEM) can assist security teams in preparing for the future of business transformation and mobile security.
|
|
|
|