To better secure enterprise networks, as well as detect and respond more rapidly to data breaches, businesses need to know the who, what, where, when and why of all endpoints that connect to network resoruces, says ForeScout's Sandeep Kumar.
Rogue applications designed to impersonate a company's corporate brand are increasingly prevalent, offering attackers an easy way to fool online users into downloading malicious apps aimed at compromising credentials, says Arian Evans of the online security firm RiskIQ.
Botnet operators are increasingly selling access to interesting zombie PCs, as well as continuing to launch DDoS and financial attacks, warns Menno van der Marel, CEO of investigation firm Fox-IT.
Malware researchers can track important technical details about attacks, but shutting down cybercrime networks requires law enforcement agencies to take the next step, says Alexander Erofeev of Kaspersky Lab.
To deliver effective information sharing and threat intelligence, the security industry must settle on a single set of threat-sharing standards, says David Duncan of the Internet security firm Webroot.
To mitigate the threat posed by malicious insiders or attackers who compromise real users' credentials, businesses must create and monitor a baseline of legitimate user behavior and activities, says Idan Tendler, CEO of Fortscale.
There's a big difference between threat data and threat intelligence, says Kevin Epstein of threat intelligence firm Proofpoint. Data alone is not enough to predict emerging threats, he says.
As organizations increasingly focus on securing critical data, they mustn't overlook one huge vulnerability: enterprise email. Steven Malone of Mimecast discusses the latest in unified email management.
BitSight Technologies conducted research on breached organizations and how they were impacted by botnets. The results are eye-opening, says CTO Stephen Boyer, offering insights from this study.
To secure the growing number of devices being used within enterprises requires organizations to be sure they're providing the right access to the right resources for the right people, says Ping Identity's Nat Klassen.
Automating processes could help organizations tackle the shortage of cybersecurity practitioners by making the job of analyzing threats simpler and more efficient, says Jessica Gulick, a vice president at security provider CSG Invotas.
As the U.S. completes its payments migration to the EMV chip, merchants and card issuers should be bracing for an uptick in card-not-present fraud, says Carol Alexander, head of payment security at software provider CA Technologies.
As organizations move toward storing and processing more data on the public cloud, security needs be automated and based on sound policies to mitigate growing threats, says HyTrust President Eric Chiu.
Organizations are moving to security solutions that protect applications and data without software agents, code changes or network devices, say Waratek's Anand Chavan and Michael Adams.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing ffiec.bankinfosecurity.com, you agree to our use of cookies.