HackDig : Dig high-quality web security articles for hacker

Three Questions Every CISO Should Be Able to Answer

Working with technical officers and cyber security specialists around the world, our conversations often center around a few key themes – the risk posed by IoT, the difficulty of detecting potentially malicious data transfers, and the overall lack of visibility into user and device activity. These concerns are largely the result of today’s complex and sprawli
Publish At:2017-08-24 14:15 | Read:222 | Comments:0 | Tags:INDUSTRY INSIGHTS Management & Strategy

The Art of Measuring Security Success

As the budget planning season approaches, discussions of how to measure security success to justify resource allocation or expansion return to the agenda. There are plenty of great articles that can help you identify security metrics to demonstrate the value of security programs, but before leaping to the selection of metrics, we must first define success. T
Publish At:2017-07-20 15:31 | Read:323 | Comments:0 | Tags:INDUSTRY INSIGHTS Management & Strategy

Top Reasons to Pay Attention to the Dark Web

By Understanding the Dark Web, You Can Take a Proactive Approach that Helps Reduce Uncertainty and Improves Overall Cyber Resiliency. The anonymity offered by the Dark Web, accessed by TOR, creates a safe-haven for malicious actors and criminals. These are the same bad guys that have, or likely will soon, launch a cyberattack on your organization. With the see
Publish At:2016-01-30 00:05 | Read:825 | Comments:0 | Tags:INDUSTRY INSIGHTS Risk Management Cybercrime

The Social Media Train Has Left the Station - Jump on with Open Eyes

The question of banning social media or not is no longer on the table – the social media train has left the station. Organizations that get on board are realizing significant benefits in the new ways it offers to interact with, understand and serve the public. But social media also provides new ways for cyber criminals to perpetrate existing types of cr
Publish At:2016-01-29 06:00 | Read:778 | Comments:0 | Tags:INDUSTRY INSIGHTS Risk Management Cybercrime

Your Line of Business Hates Access Certifications - You Should Too!

Like Many Compliance-driven Efforts, Access Certifications are Often Hastily Implemented to Satisfy Auditors... Line of business (LOB) managers hate access certifications (or recertifications). From their perspective, it’s a bit like asking them to systematically visit every seat in a theater, during the feature film, and act as “theater police”, checking tic
Publish At:2016-01-27 17:50 | Read:755 | Comments:0 | Tags:INDUSTRY INSIGHTS Identity & Access

Data Loss Prevention: Make It Work

Like leg warmers, data loss prevention (DLP) is back. Unlike leg warmers, DLP is actually cool, increasingly sophisticated, and something, to steal from Tim Gunn, companies will want to make work. As the name implies, DLP is about preventing loss or misuse of data. By various means, including content discovery and analysis, it helps preclude end users from
Publish At:2016-01-26 23:45 | Read:600 | Comments:0 | Tags:INDUSTRY INSIGHTS Data Protection

It's Official, Ransomware Has Gone Corporate

In late 2014 my company predicted that ransomware attacks would shift from consumers to businesses to extort larger ransoms for unlocking encrypted files. Unfortunately, this prediction has come true. Recent data from the FBI's Internet Crime Complaint Center (IC3) shows ransomware continues to spread and is infecting devices around the globe. IC3 identified
Publish At:2016-01-26 05:40 | Read:801 | Comments:0 | Tags:INDUSTRY INSIGHTS Malware

Show me the Money: Cybercriminals Hijack Online Resources to Boost Profits

Two decades ago the movie Jerry Maguire premiered and the phrase “show me the money” was launched into the popular lexicon. Today, nimble cyber criminals are motivated by those same words, continually looking for ways to boost profits with the most efficient methods they can devise. In the latest round of attacks, they are hijacking legitimate online r
Publish At:2016-01-21 17:10 | Read:453 | Comments:0 | Tags:INDUSTRY INSIGHTS Cybercrime

Growth in Endpoint Threats Calls for A Proactive Mindset

Organizations are Failing to Take Basic Precautions That Could Keep Attackers Out... If you were a robber which house would you break into: the one with the chain link fence and security cameras, or the one without? This should be a no-brainer. But the message doesn’t seem to translate to the digital world. Historically CIOs/CISOs have had to trade off securi
Publish At:2016-01-20 23:05 | Read:726 | Comments:0 | Tags:Endpoint Security INDUSTRY INSIGHTS Mobile Security

Building Security In versus Building Security On

Built in or bolted on? When have you ever seen “bolted on” as the first choice of anyone in just about any imaginable scenario? Yet for software security, “bolted on” is certainly the norm. Every day, applications are created or revised with inherent vulnerabilities that leave the software open to attack. These are not exotic, complex, ingeniously crafted vul
Publish At:2016-01-14 22:25 | Read:814 | Comments:0 | Tags:INDUSTRY INSIGHTS Application Security

Was 2015 the Year of Breach Fatigue?

In 2014, we consumers were beset with news of breaches at eBay, Home Depot, and J.P. Morgan Chase. By designating 2014 as “The Year of the Mega-Breach,” the security community had hoped to bring awareness to the challenge of protecting customer data. But it turns out that the breaches of 2015 make the previous year’s ones pale in comparison. There were a cra
Publish At:2016-01-14 04:20 | Read:924 | Comments:0 | Tags:INDUSTRY INSIGHTS Incident Response Data Protection

Distinguishing Threat Intelligence From Threat Data

Threat intelligence feeds have become a major component of many organizations’ cybersecurity diet. A wide variety of security vendors offer up an equally wide assortment of threat feeds of the latest malware payloads, malicious domains, websites, IP addresses, and host-based indicators of compromise (IoCs). The idea behind these threat feeds is largely the s
Publish At:2016-01-12 16:10 | Read:704 | Comments:0 | Tags:INDUSTRY INSIGHTS Incident Response Risk Management Security

Cutting Through the Noise: How to Manage a Large Volume of Cyber Alerts

As we have seen with cases like the Target breach, failure to adequately investigate and effectively react to security alerts can have devastating consequences for businesses and customers. Security professionals today have to deal with an escalating number of risk alerts to better manage and prioritize alerts and their response to them. This is
Publish At:2016-01-11 22:05 | Read:495 | Comments:0 | Tags:INDUSTRY INSIGHTS Incident Response

2016 Cyber Threat Predictions to Use to Your Advantage

With a Better Understanding of What the Future May Hold, Cyber Defenders Can Gain an Upper Hand With the Adversary. Predictions describe a set of events that will or are highly likely to happen in the future; they connote a degree of inevitability. But that isn’t my intent with these predictions about cyber threats. Instead, my goal is to describe how we
Publish At:2016-01-08 03:40 | Read:613 | Comments:0 | Tags:INDUSTRY INSIGHTS Management & Strategy

Relationships: Critical to the Security Posture of Your Organization

There are some people in this world who will only call you when they need or want something. I’m sure we’ve all come across this type of person more than a few times. When you have something they’re after, they are your best friend. The minute that is no longer the case, the seemingly warm relationship suddenly goes cold. What some people don’t realize, unf
Publish At:2016-01-08 03:40 | Read:622 | Comments:0 | Tags:INDUSTRY INSIGHTS Management & Strategy
