Assessing and Managing Risk
Threats and Vulnerabilities
More fallout from the Apple/FBI conflict: The second iPhone suit was dropped; the FBI can't provide details of a tool used to unlock the San Bernardino shooter's phone.
PCI DSS 3.2 marks the start of refining the payment data regulations, rather than minor changes, and includes requirements to strengthen encryption and multifactor authentication.
When candidates prepare for a CISO job interview, they should know the answer to 12 specific questions. Expert Mike O. Villegas reviews the questions.
Chase Cunningham of Armor spoke with SearchCloudSecurity at RSA Conference 2016 about the value of secure cloud hosting services, threat intelligence and more.
Cisco's new project Contiv automates operational policies for containerized applications in the cloud. Expert Dan Sullivan explains the benefits of this open source tool.
The OneOps cloud application lifecycle management tool helps organizations regain control of cloud deployments and prevent vendor lock-in. Expert Rob Shapland explains how.
Drive-by financial malware Fobber is the evolution of the popular Tinba -- with better encryption, a newer format and a focus on the Netherlands.
Heimdal Security researchers have found new cases of the nesting-doll financial malware, while Fortinet researchers peel back the layers to reveal its surprising intricacies.
A new Symantec report shows a significant fall in banking malware infections in 2014, but the company warns that malware remains a threat to financial firms.
Smartphone and tablet use in the enterprise can help boost productivity, improve employee satisfaction and lower costs. However, it is also fraught with risk. Expert Lisa Phifer discusses the risks and rewards of going mobile in the enterprise.
Bring your own device has a number of inherent security challenges. Expert Lisa Phifer explains how a mobile device management product can help your enterprise conquer BYOD risks.
Cloud-based data loss prevention can be a worrisome option for some. Kevin Beaver explains how to measure the risk vs. reward of cloud-based DLP.
India is moving towards a digital future with dreams of smart cities, but Indian IT companies seem to be unconscious to the need for data security
Chinese mobile phone maker Xiaom is to set up a datacenter in India to allay fears over data security raised by the Indian Air Force (IAF).
Detecting fake websites needs to be part of all companies' security strategies, according to security and domain name experts.
More and more IT leaders in the Middle East are considering adopting virtual desktop infrastructures, but user cases are needed to speed things up
Amazon reports profits for the first quarter of $513m, compared with a net loss $57m in the same period the year before
Europe risks falling behind if it does not move to establish 5G spectrum standards soon