The average amount of time that online attackers camp out in a victim's network - or "dwell time" - has been declining, FireEye's Mandiant incident response group reports. But the surge in ransomware accounts for some attacks coming to light more quickly because those attackers announce their presence.
Cyber attacks like the recent SolarWinds breach demonstrate how cybercrime is shifting focus to cloud services. At the same time, Gartner predicts that almost half of companies will shift their cloud and network security to a SASE architecture (Secure Access Service Edge) in the next few years. But is this the right...
“Work from anywhere” is a game-changer, and it has significant impacts on certificate lifecycle management. Patrick Nohe of GlobalSign discusses the new, strategic approach security leaders need to take for CLM.
New encryption standards TLS 1.3 and DNS-over-HTTPS (DoH) will soon sweep away security controls. Security professionals must act within the next two years or they won't be able to analyze network traffic and detect cyberthreats.
Download the Forrester report —Maintain Security Visibility in the TLS 1.3 Era —...
View this case study to learn how Williams Racing has applied Workforce Cyber Intelligence to keep its employees, equipment and IP safe as they work remotely and travel the globe.
1,778 IT and IT security professionals across North America, Latin America, the UK and Europe responded to a new study by the Ponemon Institute, and their responses deliver a clear message to CISOs.
The study tracks the level of importance placed on security analysts, as well as the state of maturity...
Up to 90% of software security problems are caused by coding errors, which is why secure coding
standards are essential. There are several secure coding practices you can adopt. But, to write truly
secure code, you need a secure coding standard.
Here, we explain what are secure coding standards and how to...
The key to reducing AppSec risk is pretty simple. It all starts with AppSec visibility and everyone looking at the same data. AppSec visibility data provides the necessary insights to assess risk and drive accountability, to make the right business and operational decisions, and of course to prioritize remediation...
To deliver a secure infrastructure-as-code service, development teams must adopt a "shift left" strategy that brings all the applications and security under one umbrella to provide faster and continuous delivery of the fully automated code, according to Ori Bendet and Igor Markov of Checkmarx.
The lack of automation and actionable threat intelligence may be preventing enterprises from developing the fully functional Cyber Fusion Centers they envision. Anomali's Mark Alba shares ideas on how to change that.
With more and more companies moving to DevOps, that statistic is likely to grow due to the increased demand for more applications faster meaning more chance for error. The good news is that these application vulnerabilities are extremely preventable through on-demand focused interactive lessons to learn how to code...
Many organizations have invested in improving their threat detection capabilities over the
past two years and express increased confidence in their ability to stop threats that have
penetrated the network perimeter. However, these organizations also cite a number of
weaknesses and areas for further improvement,...
Being an IT leader has always been challenging. Being an IT leader in today’s world of remote work? Immensely difficult. Remote work presents new security hurdles, new difficulties in providing timely user access, and new pressure to ensure business continuity with the best possible user experience.
Download this...
New research reveals that 89% of companies use a hybrid infrastructure model. But most companies have a long way to go to boost the maturity of their hybrid IT security.
See what companies are getting right and what they’re getting wrong in Okta’s new report based on a survey of IT leaders.
Get the report to...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing ffiec.bankinfosecurity.com, you agree to our use of cookies.
