Hard-coded passwords remain a key security flaw
Many vendors still allow hard-coded passwords to ship out with their products
Kacy Zurkus | 07 Mar | Read more
Many vendors still allow hard-coded passwords to ship out with their products
Kacy Zurkus | 07 Mar | Read more
Security threats from peer to peer communication are nothing new, but they're becoming more sophisticated, and if professionals aren’t looking for these threats, they may go undetected.
Kacy Zurkus | 09 Feb | Read more
As more enterprises increase the amount of SSL traffic, more criminals are able to hide.
Kacy Zurkus | 02 Feb | Read more
Char Yarema is of the generation of parents who did not grow up using technology, so her son, Jonathan Yarema, security consultant at Trustwave, has impressed upon her the importance of using caution and patience when surfing the web. Jon wrote about his mom’s experience in his SpiderLabs blog post, and I had the chance to talk with the security duo to learn more about their story.
Kacy Zurkus | 01 Feb | Read more
The idea that time and resources should be invested in either network security or application security is misguided as both are equally as important to securing the enterprise.
Kacy Zurkus | 18 Jan | Read more
Focusing too much on protecting only the crown jewels of the enterprise might leave gaps in security for criminals who are seeking other valuable assets.
Kacy Zurkus | 14 Jan | Read more
New payment technologies might make card present theft more difficult for criminals, but a secure payment transaction at point of sale does not diminish the risk of cyber fraud and data theft for the enterprise.
Kacy Zurkus | 09 Dec | Read more
Because legacy systems are required and often critical to the daily operations of an enterprise, many companies are still using operating systems or applications that cannot be patched.
Kacy Zurkus | 07 Dec | Read more
DDoS attacks have increased in complexity so that they are no longer an annoyance causing a disruption in service.
Kacy Zurkus | 03 Dec | Read more
Conservative enterprises have been tentative about joining forces with hackers, but third party bug bounty platforms have proven that their vetting process ensures a highly qualified and trustworthy talent pool.
Kacy Zurkus | 18 Nov | Read more
Using advanced analytics that provides context to behavioral analysis makes it easier to identify internal security threats and find individual offenders, said Gartner in a recent report on User Entity Behavior Analytics.
Kacy Zurkus | 27 Oct | Read more
In the aftermath of Edward Snowden’s controversial leaks that revealed widespread US surveillance and data gathering, researchers, scholars, lawyers, and privacy advocates gathered at the Hannah Arendt Center for Politics and Humanities at Bard College to engage in conversations about privacy and data ethics.
Kacy Zurkus | 23 Oct | Read more
In order to attract and retain highly qualified candidates who possess a combination of emotional and technical intelligence, enterprises need to look at their corporate cultures and offer more than monetary incentives.
Kacy Zurkus | 14 Oct | Read more
Enterprises going through mergers and acquisitions reap the benefits of new products and other assets, but they also acquire all of the threat vectors that have been targeting the other organization.
Kacy Zurkus | 17 Sep | Read more
While IT professionals are asking how to secure devices, networks, and platforms, policy makers are asking how to secure data and privacy.
Kacy Zurkus | 14 Sep | Read more