3 Payloads in Healthcare Data Breaches
The news is full of a variety of attacks on healthcare data, ranging from ransomware attacks on small clinics and large hospitals to the massive data theft from the behemoth Veteran’s Administration and myriad threats in between. But as is the case with attacks in other sectors, typically little thought ... Read More
3 Tips in Training Machine Learning for Security Work
If you’ve been evaluating new security tools, you’ve undoubtedly heard machine learning (ML) touted many times. It is fast becoming the backbone of all modern software, security systems included. Thus, it appears that resistance is futile, as some version of Skynet is likely inevitable—although which version ultimately manifests depends entirely ... Read More
6 Ways Machine Learning Can Help with Security
If you were to believe all the marketing buzz about machine learning, you would think it the answer to all security teams’ prayers. But it isn’t. At least not yet. Even so, machine learning is pretty powerful tech and there are places it can be helpful to your security measures ... Read More
Stealing Infrastructure: Cryptomining Attacks on Container Environments
Usually the target is data and the goal is theft. But thieves are expanding their horizons and aiming to cash in elsewhere. A new target recently exposed by researchers at Aqua Research is computing resources: The team says containers are being commandeered for cyptocurrency mining, or cryptomining. “We think that ... Read More
What Security Pros Need to Know About Machine Learning in the Year Ahead
If you are to believe the marketing hype, artificial intelligence (AI) is a superhuman security entity that far supersedes your puny, mortal skills. But that’s just swill for the bean counters who likely wish they could dump payroll as a line item from their budget spreadsheet. It’s certainly not the ... Read More
Army to Commission Civilians as Cyber Officers
The U.S. Army has announced its pilot program to directly commission civilians as cyber operations officers is close to launching. Lt. Gen. Paul Nakasone, commander of U.S. Army Cyber Command, said the pilot program was approved Oct. 27 and the Army will begin selecting officers in a few months. Specifically, ... Read More
How CISOs Can Successfully Talk Security to CEOs
It would be funny, if it were not so frustrating, that two individuals so intent on managing risk don’t understand one another. But that is the fundamental problem between business and security leaders. The gap is so huge that bridging it may seem nearly impossible. Yet, it can be done ... Read More
7 Strategies to Secure Enterprise IoT
The internet of things (IoT) is opening a whole new world of possibilities. Unfortunately, it also is creating a whole new world of threats too, such as ransomware of things (RoT). Here are seven things enterprises can do to better secure their IoT. Know your network. Know what IoT devices ... Read More
Cybersecurity and Machine Learning/AI: What’s the Real Impact?
Will AI render human analysts obsolete, or be an extension that helps them be more effective? How about bad guys? Are we headed for an AI showdown? Here’s the lay of the land in AI territory now. The buzz on artificial intelligence (AI) is deafening. Depending on who is hawking ... Read More
Open Source: DevOps Security’s Best Teacher
According to the 2017 DevSecOps Global Skills Survey, 76 percent of developers lament the lack of security training in formal curriculums. Most (65 percent) end up learning on the job instead, but that can be difficult, as 7 out of 10 developers say their employers lack the resources or will ... Read More
