The Forum of Incident Response and Security Teams recently announced the release of new training resources to help organizations build and improve product security incident response teams. Damir "Gaus" Rajnovic of FIRST discusses the global need for these resources.
Getting employees involved in data security requires explaining the benefits, such as avoiding service interruptions, says Paul Bowen of Arbor Networks, who offers insights on making security part of the daily routine.
Leading the latest edition of the ISMG Security Report: Cybersecurity expert Brian Honan provides insights on why organizations that are not yet compliant with GDPR need to focus on several key steps. Also: An assessment of the progress women are making in building careers in information security.
Cybersecurity challenges and solutions have evolved greatly since 2002. And so has the Executive Women's Forum, which was founded that year to advance female leaders in the profession. Founder Joyce Brocaglia reflects on the forum's accomplishments and challenges.
If you're paying attention, you've probably already seen a handful of GDPR-related headlines just today, let alone in the last week or month. But there are two good reasons for the deluge of GDPR discussion right now: It's incredibly important and the time to act is now.
Chili's Grill & Bar is warning customers that an unknown number of payment cards were compromised at an unknown number of corporate-owned locations earlier this year for a period of time it suspects lasted two months. Should Chili's have waited to alert customers until it had more information?
Spectre and Meltdown: It's déjà vu all over again as Intel is reportedly prepping a coordinated vulnerability disclosure announcement for eight new speculative execution flaws. One of the new flaws is apparently worse than any of the three Spectre/Meltdown variants that came to light in January.
What can be done to address the shortage of personnel to fill the ever-expanding roster of cybersecurity jobs - from entry-level positions through the CISO role? (ISC)2's John McCumber describes organizational and governmental efforts to lower barriers to entry and build tomorrow's workforce.
Great news: "SunTrust to offer free identity protection ... at no cost on an ongoing basis." Of course, nothing comes for free, at least for 1.5 million customers of the Atlanta bank, whose personal details may have been sold to criminals by a former employee.
Employees are the first line of defense for any organization, and Paul Bowen of Arbor Networks believes we don't do nearly enough to deputize them to support our security efforts. He offers tips for using technology to train end users.
Two out of three organizations say that finding qualified cybersecurity professionals is a struggle, a new study shows. And 80 percent of respondents do not feel adequately prepared to defend their organizations. Kathie Miley of Cybrary and Wade Baker of Cyentia Institute discuss how to bridge the cyber skills gap.
Australia's real-time payments platform, which launched last week, includes a feature designed to reduce fraud and erroneous payments. Ironically, the feature may also expose users to social engineering attacks.
The White House, fearing China is spying on phone calls, has suggested that the U.S. government take a primary role in marshaling the development of secure 5G networks. But would nationalizing 5G networks make them more secure?
Technology giants are still struggling to identify what's at risk from the Spectre and Meltdown flaws in modern CPUs, never mind getting working security updates into users' hands. In the meantime, expect a rush by researchers to find more flaws in microprocessor code.