Help Net Security - Information Security News

Hot stuff

Three essential elements of a successful Zero Trust cybersecurity program

Organizations have traditionally deployed cybersecurity approaches that adhered to the phrase made famous by President Ronald Reagan: “Trust, but verify.” This meant that most users and activities were considered “safe,” as long as simple standards were met – like logging in from within the network. However, with the ever-increasing volume, …

With shadow IT running rampant, how can IT keep pace?

Data privacy is high on the minds of businesses and consumers alike, as society at large is getting wise to the potential dangers that even seemingly innocuous apps (ie. FaceApp) might expose them to. That’s why it’s critical that enterprise IT teams put an emphasis on establishing realistic Internet use and network policies to help curb …

Closing the cyber skills gap: What to do next

On a global scale, cybersecurity is suffering from a severe shortage of experts. What is to be done? Organizations, government, academia and professional associations need to work together to develop a sustainable cyber skills strategy. To date, strategic thinking has largely focused on what to defend and how to defend, but less on who is …

Extending security to fourth parties your business needs, but doesn’t control

While there is much discussion about the data security and privacy risks created by third parties, another source of risk can be significant but overlooked: that from fourth parties – those vendors that your vendors use – who may be integral players in your mission fulfillment but who are beyond your direct contractual oversight. Because third …

Spotlight

Red teaming: Why a forward offense is the best defense

Backdoored Ruby gems stole credentials, injected cryptomining code

The compromise of several older versions of a popular Ruby software package (aka a Ruby …

When will the GDPR pot boil over? It’s sooner (and different) than you think

There’s an old saying that a watched pot never boils. In reality, the sauce in that pot is …

With shadow IT running rampant, how can IT keep pace?

Automating CCPA compliance: Organize your data and manage requests

Expert Corner

Rob Ragan Principal Researcher, Bishop Fox

Red teaming: Why a forward offense is the best defense

Rolf von Roessing Vice Chair, Board of Directors, ISACA

Closing the cyber skills gap: What to do next

Wesley Yeremenko CTO, VERA

Extending security to fourth parties your business needs, but doesn’t control

Jimmy Graham Senior Director of Product Management, Qualys

Optimizing the patch management process

Nimmy Reichenberg Chief Strategy Officer, Siemplify

Security orchestration and automation checklist: How to choose the right vendor

Netanel Davidi Co-CEO, VDOO

Research shows that devices banned by US government lack basic security practices

Liron Barak CEO, BitDam

Passion, ingenuity and hard work: The cybersecurity startup story of Israel

Dave Mariani Chief Strategy Officer, AtScale

Orchestrating security policies across your hybrid cloud with intelligent data virtualization

Elad Ben-Meir CEO, SCADAfence

The need for scalable OT security

Dr. Abdul Rahman Chief Scientist, Fidelis Cybersecurity

Tricking attackers through the art of deception

Joan Pepin CISO and VP of Operations, Auth0

Security or compliance? Stop choosing between them

Yatin Patil Manager of Product Management, Synopsys

Securing modern web apps: A case for framework-aware SAST

What's New

Securing the cloud: Visibility, compliance and vulnerability management

In this Help Net Security podcast recorded at Black Hat USA 2019, Hari Srinivasan, Director of Product Management for Qualys, talks about the basics of securing your cloud. Here’s a transcript of the podcast for your convenience. Hello and …

2019 Cloud Security Report: Latest trends and challenges

Check out the 2019 Cloud Security Report sponsored by (ISC)². Based on a comprehensive survey of cybersecurity professionals in the 400,000+ cybersecurity community on LinkedIn. The report reveals: The latest cloud security trends and challenges …

New tool enables users to disconnect their off-Facebook activity from their account

Facebook has announced the (partial) roll-out of a long-awaited “Clear History” privacy tool for users, only it ended up being dubbed “Off-Facebook Activity”. First mentioned by Mark Zuckerberg over a year ago, in the …

Cybersecurity challenges for smart cities: Key issues and top threats

Urban population is on the rise worldwide and smart city development projects are harnessing the power of the Internet of Things (IoT) to develop more intelligent, efficient, and sustainable solutions. However, digital security investments in …

When will the GDPR pot boil over? It’s sooner (and different) than you think

There’s an old saying that a watched pot never boils. In reality, the sauce in that pot is heating up in a way we can’t quite see yet. After the major compliance ramp by companies in 2018, a lot of us thought the impact of GDPR would be instant …

Backdoored Ruby gems stole credentials, injected cryptomining code

The compromise of several older versions of a popular Ruby software package (aka a Ruby “gem”) has led to the discovery of a more widespread effort to inject malware and mining software through Trojanized gems. What happened? Two …

Three essential elements of a successful Zero Trust cybersecurity program

Protecting iOS and Android applications in a fully automated way

In this Help Net Security podcast recorded at Black Hat USA 2019, Dave Belt, Technology Evangelist at Irdeto, and Jaco du Plooy, VP Cloakware at Irdeto, discuss the current threat landscape, software security trends, and the importance of …

VLC users urged to implement latest security update

VLC, the popular cross-platform media player, has reached version 3.0.8, which fixes over a dozen security vulnerabilities, some of which could be exploited by attackers to achieve code execution on victims’ machines. About VLC VLC is an …

Hot stuff

Expert Corner

Newsletters

What's New

Industry news

Whitepapers and insight

Newsletters