• The importance of encryption and key management for security practitioners

    In this podcast recorded at RSA Conference 2015, Tsion Gonen, Chief Strategy Officer at Gemalto, talks about how if you're going to do encryption, make sure you do it right. Encryption done wrong is worse than nothing. You have to think about centrally, efficiently, and securely managing and storing cryptographic keys and policies - across the key management lifecycle and throughout the enterprise.

  • The importance of good threat intelligence

    The cyber-threats our organizations face are continuing to evolve, partly in respect to the broadening motivations behind attacks, and partly due to the increased sophistication of the attacks themselves. We have all seen the motivations behind cyber-attacks broaden over the last few years, with extortion, vandalism, ideological hacktivism, data-theft and financial fraud all regularly in the news.

    On the technical side of things, toolkits and obfuscation techniques are readily and cheaply available within the cyber-criminal community. And of course we have state-associated threat-actors who have significant resources behind them to develop and utilize new tools and exploits.

  • Thereís no security without trust

    Trust. Itís a small word but it conveys a lot. To many it is the cornerstone of security, because without trust there can be no security.

    To operate securely in the online world, businesses need to trust the technology they use. These same organizations need to trust their partners and suppliers, especially when they have access to the organizationís data and systems. They need to trust their staff to follow policies, to apply what they learn from security awareness sessions, and to use the tools provided to them to keep their activities secure.

  • Global black markets and the underground economy

    Adam Tyler is the Chief Innovative Officer at CSID. In this interview he discusses global black markets, what type of information is most valuable for cybercriminals, modern malware, and much more.

  • Strengthening trust in a highly connected world

    In this podcast recorded at RSA Conference 2015, Dave Rockvam, Vice President of Product Management at Entrust Datacard, talks about how employees and other authorized users want convenient access to facilities, networks and apps. They want consistent experiences on phones, tablets and PCs. And they want to collaborate freely with peers and work with anywhere-anytime flexibility.

    New demands are changing the way we think about security and creating the need for end-to-end secure solutions. Just as the connectivity of our world is transforming the way we live and work, this new understanding of security is impacting the very core of how organizations operate.

  • Combating insider threats in the contact center

    Advances in security technology are making many payment channels safer than ever for consumers, however, they are also forcing professional fraudsters to concentrate on an ever-diminishing number of more vulnerable targets. One of these is the traditional contact centre, where the huge volume of daily Card Not Present (CNP) transactions being processed, combined with often lax physical security measures, is making them an increasingly attractive target for criminal gangs.

  • Practical applications of machine learning in cyber security

    As more and more organizations are being targeted by cyber criminals, questions are being raised about their planning, preparedness, and investment into cyber security in order to tackle such incidents. The adoption of cloud technologies and the invasion of social media platforms into the workspace have added to the problem. Experts believe that most organizationsí cyber-security programs are not a match for the attackersí persistence and skills. Does the answer to this problem lie in machine learning and artificial intelligence?

  • Cloud security best practices during all phases of the infrastructure lifecycle

    In the era of cloud technology, online attacks are becoming more sophisticated. The days of drive-by exploitation are passing us by, replaced by attackers who run continuous penetration and vulnerability assessments. As organizations migrate more projects to the cloud, there is a distinct need to incorporate security best practices throughout the lifecycle of their products and infrastructure to counteract these more sophisticated attacks.

  • Product spotlight: Qualys Continuous Monitoring

    Todayís cyber attacks are often a result of cyber criminals scanning and attacking networks on a continuous basis, coupled with an event-driven approach to monitoring an organizationís perimeter. As a result, vulnerable machines can be exploited within hours with toxic combinations of scenarios that can lead to compromises in their IT environments such as zero-days and phishing scams, which can instantly expose an organizationís data.

    In this podcast recorded at RSA Conference 2015, Wolfgang Kandek, CTO at Qualys, talks about how their Continuous Monitoring (CM) solution for the perimeter now includes internal monitoring capabilities enabling organizations to proactively monitor and get real-time alerts for critical internal IT assets such as desktops, servers and other devices.

  • The slow death of static security detections: Beginning of SIEM deployments

    In this two part series, Nir Polak, CEO and co-founder of Exabeam, will discuss why static security detection methods can no longer protect enterprises from advanced hacking efforts and what the industry must do to evolve.

Videos      Podcasts


Keeping passwords safe from cracking

A group of researchers from Purdue University in Indiana have come up with an effective and easy-to-implement solution for protecting passwords from attackers.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Fri, May 22nd