Expert analysis
Supply chain attacks: Mitigation and protection
In software development, a supply chain attack is typically performed by inserting malicious code into a code dependency or third-party service integration. Unlike typical …
Hacking our way into cybersecurity for medical devices
Hospitals are filled with machines connected to the internet. With a combination of both wired and wireless connectivity, knowing and managing which devices are connected has …
SEC demands better disclosure for cybersecurity incidents and threats
As companies increasingly rely on networked systems and on the Internet, cybersecurity threats have grown. Companies that fall victim to a successful cyberattack incur …
GE trade secret theft case demonstrates need for document behavior monitoring
A former GE engineer and a Chinese national have been formally charged with 14 counts of economic espionage by the U.S. Department of Justice after stealing trade secrets from …
Best practices when implementing SD-WAN
Telecoms is an overall complex business – delivering network circuits and optimizing connections – but SD-WAN has its own very specific set of obstacles. SD-WAN involves many …
Too fast, too insecure: Securing Mongo Express web administrative interfaces
Mongo Express is a lightweight web-based administrative interface deployed to manage MongoDB databases interactively. It is authored using Node.js, Express and Bootstrap …
You can’t fix what you can’t see: A new way of looking at network performance
Network performance, or the service quality of a business’ network, is critical to running a successful enterprise. Imagine the cost to an organization when the corporate …
Nearly half of firms suffer data breaches at hands of vendors
As trusted partners, third-party vendors often become the overlooked or unwitting accomplice in criminal activities. As privacy laws and cybersecurity regulations continue to …
The foundation: Quantifying risk with focused security measurement
When you hear “quantify risk,” you might think it’s the buzz-term du jour. You might be right. Risk quantification is a hot topic right now. It seems everyone who touches …
Building a modern data registry: Go beyond data classification
For organizations, understanding what data they store and analyze is gaining increasing urgency due to new privacy regulations, from the Global Data Privacy Regulation (GDPR) …
The perimeter is vanishing, how will you secure your network?
There’s a new reality to network security, driven by the fact that the perimeter is vanishing. The concept of a network being fully enclosed within a building or virtual …
Attention CISOs: Five steps to get the security funding you need
Going in front of the board to request or increase your security funding is no easy task – especially when the organization is facing budget restraints or, worse, the …