Living in an Assume Breach world
Some security professionals claim their networks are secure from hacking. They may say this to justify a recent large purchase of security equipment. But many times, they say …
strategy
What’s needed for the first NYS DFS cybersecurity transitional phase?
The first transitional phase of the New York State’s Department of Financial Services (NYS DFS) cybersecurity regulation is upon us. As of August 28th, 2017 covered entities …
Learning from success: Brian Honan’s infosec journey
When Brian Honan started his information security consultancy thirteen years ago, most of his conversations were with those in charge of IT and/or IT security within an …
Why you need to implement security controls across your environment
In this podcast recorded at Black Hat USA 2017, Tim White, Director of Product Management, Policy Compliance at Qualys, discusses the importance of security configuration …
Doing things right: Cloud and SecOps adoption
There is hardly an organization out there that isn’t planning or hasn’t already taken advantage of the cloud. And, according to Threat Stack CTO Sam Bisbee, there is hardly a …
The human point: Gaining visibility into the context behind user actions
In this podcast recorded at Black Hat USA 2017, Dr. Richard Ford, Chief Scientist at Forcepoint, talks about the security industry’s need of a paradigm shift toward …
DevOps skills gap: Do you have the necessary skills to succeed?
New research shows that software developers are not receiving the training they need to be successful as DevOps becomes the prevalent approach to building and operating …
Three megatrends that will drive digital business into the next decade
Gartner revealed three distinct megatrends that will enable businesses to survive and thrive in the digital economy over the next five to 10 years. Artificial intelligence …
Enterprise security culture: Why you need it, and how to create it
Security awareness is a term that most information security professionals are familiar with – security culture a little less so. “Security awareness training is …
STIX and TAXII: Sharing cyber threat intelligence
In this podcast recorded at Black Hat USA 2017, Allan Thomson, CTO at LookingGlass Cyber Solutions, talks about STIX and TAXII. STIX (Structured Threat Information Expression) …
