As CSO and CTO of Arbor Networks, Sam Curry is in a rare position: He can set security strategy and then go out and find the tools to execute it. Where does the human factor enter the equation, and how must we re-think our traditional strategies?
Deception technology is gaining prominence with top organizations around the world. As more practitioners join the active defense bandwagon, is your organization ready? Smokescreen Technologies' Sahir Hidayatullah shares some insights to get you going.
Deception technology could be a game-changer, with many thought leaders and organizations already getting behind the concept of "assume compromise." Smokescreen founder Sahir Hidayatullah speaks about the rise of this emerging technology.
As many as 250,000 credentials for Remote Desktop Protocol servers around the world may have been offered for sale on the now-shuttered xDedic cybercrime marketplace. So what can organizations do to mitigate related risks and avoid a major network intrusion?
Despite police disrupting alleged DDoS extortion gangs such as DD4BC, inexpensive stresser/booter services have enabled copycats to continue these attacks, says Akamai's Martin McKeay. Here's how organizations can defend themselves.
A report that the Russian government hacked into Democratic National Committee systems has security experts warning that just because malware was found on a hacked network, that doesn't mean a specific individual, group or nation-state was involved.
The nature of sophisticated fraud is changing, argues NPCI's Bharat Panchal. He shares experiences from his sector to support this idea, and he shares insights on how this will affect the security practitioner roles.
For years, organizations have been threatened by DDoS attacks on several fronts, ranging from volumetric attacks to application-level and DNS strikes. Now come ransom-based attacks. Trey Guinn of CloudFlare discusses how to respond to each type of attack.
As we prepare to mark the tenth anniversary of the PCI Security Standards Council, it's time to assess the impact PCI-DSS has had on payments security and consider whether it will remain a viable standard 10 years from now. A series of upcoming reports will address these topics.
Akamai warns of a rash of less sophisticated attempts to extort companies by threatening to strike with distributed denial-of-service attacks, which can be expensive for organizations to defend against.
Narayan Neelakantan, outgoing CISO at the National Stock Exchange of India, is concerned that the lack of capacity in incident response is going to haunt Indian organizations in the near future. He shares insight on IR maturity and the imminent need.
The Reserve Bank of India has issued new cybersecurity guidelines to scheduled banks, directing them to devise cybersecurity policies distinct from their institutions' existing IT or IS security policies.
After years of debate, the EU's General Data Protection Regulation has finally passed. What impact - if any - will the GDPR have on business and future legislation in India? Security experts weigh in on this debate.