How machine learning impacts information security

O'Reilly Media - Ideas

Burt and cybersecurity pioneer Daniel Geer recently released a must-read white paper (“Flat Light”) that provides a great framework for how to think about information security in the age of big data and AI. Continue reading How machine learning impacts information security

Is Information Security the Right Profession for Me?

Linux Academy

Wondering if information security is the right profession for you? I’ve been working in information security for many years and have had the opportunity to fill a variety of roles. First off, there are many different jobs within information security.

Georgia bill could stifle the state’s booming cybersecurity community

The Parallax

A new bill winding its way through the Georgia state senate has cybersecurity experts on alert. As Senate Bill 315 is currently written, academics and independent security researchers alike could be subject to prosecution in Georgia alongside malicious hackers.

Why health care cybersecurity is in ‘critical condition’

The Parallax

government-sponsored Health Care Industry Cybersecurity Task Force delivered more than 100 recommendations to the Department of Homeland Security to make medical technology more resistant to hackers. READ MORE FROM ‘NO PANACEA FOR MEDICAL CYBERSECURITY’.

How to Package and Price Embedded Analytics

With this approach, you turn features off and on through visibility controls, conditional logic, and your application’s security model. You need to be able to use your existing security. leveraging adaptive security models >. security • Dashboards • Widgets • Pages • Tables.

Netflix Information Security: Preventing Credential Compromise in AWS

Netflix TechBlog

Today, we would like to share two additional layers of security: API enforcement and metadata protection. For more information on how the AWS services mentioned work, see the Background section at the end of this post. cloud-computing netflixsecurity security cloud-security aws

AWS 81

4 ways to build a better security culture

TechBeacon

While the vast majority of security professionals believe a stronger cybersecurity culture would improve their business, nearly all companies—95%—have a gap between their desired culture and reality, according to new research. Security, Information Security, Information Security (Info Sec

Cybersecurity Style Guide helps you write like a hacker

The Parallax

The Bishop Fox Cybersecurity Style Guide , published last week , was developed over the last year and a half to fill a vacuum, says its lead editor, Brianne Hughes. My real goal was to bridge the gap between people who are writing in security, and the people who have to read that.”.

How hackers are approaching medical cybersecurity

The Parallax

READ MORE ON MEDICAL CYBERSECURITY. Dr. Paul Pugsley’s medical cybersecurity crisis in the Emergency Room was part of a simulation at the CyberMed Summit 2018 to teach doctors about complications that can arise from cyberattacks against medical devices and hospitals.

How Should CIOs Handle More Cybersecurity Regulations?

The Accidental Successful CIO

As our companies understand the importance of information technology and acquire more and more valuable information, the bad guys keep trying to find ways to break in and steal customer credit card and personal information.

5 Early Indicators Your Embedded Analytics Will Fail

application admins say it’s a pain to manage security settings in two different places.” When we need to update the information in the dashboard, we don’t like having to leave. Updating your application’s dashboards and reporting features. may feel optional—until suddenly it’s not.

Abandoned mobile apps, domain names raise information security risks

Kacy Zurkus - CSO Online

The apps can still contact custom domain names for arbitrary tasks like configuration changes, application updates or publishing information. The traffic from a mobile device that is still trying to connect to an old and expired domain exposes lots of personal information — contact data, text messages, pictures, GPS data and call logs all sitting at risk of an attack.

6 cybersecurity trends we’re thankful for

The Parallax

You might think of cybersecurity professionals as tech’s collective “ watchers on the wall ”—the guardians who let you know when doom is coming. Here are six things on the cybersecurity and privacy front we’re glad that organizations are helping consumers become more aware of than ever before.

Trends 161

Getting Started with Cloudera’s Cybersecurity Solution

Cloudera Engineering

A quick conversation with most Chief Information Security Officers (CISOs) reveals they understand they need to modernize their security architecture and the correct answer is to adopt a machine learning and analytics platform as a fundamental and durable part of their data strategy.

Context Conversations preview: Election security

The Parallax

When it comes to election security, it’s hard not to think of the United States as a proverbial dumpster fire. And while some states are taking steps to secure their voting processes, many are not. Why current funding to secure U.S.

Why “Build or Buy?” Is the Wrong Question for Analytics

What’s more, they gain the security of working with. informed decisions. workflows and security models. WHY “BUILD OR BUY?” IS THE WRONG QUESTION FOR ANALYTICS Introduction.1 When to Build Your Own Analytics. 2 When to Buy a Bolt-On Solution. 6 When to Take a Combined Approach.

The 10th Cyber & Information Security Research (CISR) Conference at Oak Ridge Tn, 7-9 April 2015

CTOvision

The 10th Cyber & Information Security Research (CISR) Conference, 7-9 April 2015, will be held at the Conference Center, 2nd Floor, Building 5200, Oak Ridge National Laboratory, Oak Ridge, Tennessee. The conference brings together cyber security researchers, program managers, decision makers, security vendors, and practitioners to discuss many challenging tasks and novel solutions pertaining to cyber security. By Charles Hall.

Hackers love Docker: Container catastrophe in 3, 2, 1.

TechBeacon

Security, Information Security, Security Blogwatch, Containers, Information Security (Info Sec The day we all feared would come has come.

106
106

Israel’s cybersecurity industry is a unicorn. Here’s why

The Parallax

Fewer attendees, perhaps, expected him to reference the Hollywood action movies of Jean-Claude van Damme, who happened to be sitting in the front row for the highest-profile speech of Israel’s largest cybersecurity conference. Cybersecurity is a true blood sport,” Netanyahu quipped.

Infosec in 2018: A year of fail

TechBeacon

Security, Information Security, Information Security (Info Sec Farewell, 2018 —we hardly knew you.

85

The 5 Levels of Analytics Maturity

relationship between applications and analytics by adding single sign- on security, co-presentation of content, and eventually workflow. At Level 1, Bolt-On Analytics, the addition of security integration provides single sign-on functionality. to information.

Phobos ransomware spreads fear due to your terrible infosec

TechBeacon

Security, Information Security, Security Blogwatch, Ransomware, Information Security (Info Sec Yes, ransomware is still a thing. The latest nasty doing the rounds is Phobos—a variant of Dharma and CrySiS.

102
102

In the gig economy, a cybersecurity divide

The Parallax

Not likely , but those questions go to the heart of the tension between the gig economy and cybersecurity. Because the companies they contract with aren’t communicating or enforcing best security practices as intensely.

Security chatbot empowers junior analysts, helps fill cybersecurity gap

Kacy Zurkus - CSO Online

The alarming number of unfilled jobs in information security has many leaders in the industry wondering how to solve the manpower problem. Awareness is part of the problem — in that the pipelines aren't getting filled fast because many young people don't know about jobs in security. A second problem of awareness, though, is the inherent problem in a majority of security operation centers (SOCs) — programming language.

Things To Do Right Now About Your Cybersecurity Workforce Crisis

CTOvision

Intel Security has released Hacking the Skills Shortage , a report revealing the current cybersecurity workforce crisis. The shortage in cybersecurity skills has done measurable damage to companies. Additional key findings of the survey include: 82% of respondents reported a shortage of cybersecurity skills. 9 out of 10 respondents say that cybersecurity technology could help compensate for skill shortages. Bob Gourley.

The Definitive Guide to Creating a Reliable Mobile App

2017 in cybersecurity and privacy news

The Parallax

From rampant ransomware to the Equifax breach to geopolitical machinations, it’s hard not to be a cynic about the past 12 months of security and privacy news. And not all federal cybersecurity decisions this year were necessarily harmful to consumers.

The state of IoT security: OWASP Top Ten highlights challenges

TechBeacon

How has the security of the Internet of Things evolved in recent years? Security, Information Security, Internet of Things (IoT), Information Security (Info Sec TechBeacon last visited the topic in 2017 and found the picture to be troubling at best. Now, for the first time since 2014, OWASP has updated its own Top Ten list of IoT Vulnerabilities.

IoT 68

Red Owl Analytics: Enabling information security and compliance teams to proactively tackle insider risk

CTOvision

Red Owl Analytics is a highly regarded provider of a software solution that enables security and compliance teams to proactively tackle their most pressing problem-- insider risk. Guy finished his Army career as a special assistant to the Director of the National Security Agency.

Why Security and IT Ops must team up in 2019

TechBeacon

Security, Information Security, IT Operations, Security Information and Event Management (SIEM), Information Security (Info Sec Neil Simon's play and film The Odd Couple hinged on two characters, Oscar and Felix, who had entirely different priorities but found themselves living together—and creating frustration for each other.

Film 62

Iterate Your Way to a Top Analytics Product Experience

Speaker: Richard Cheng, Associate Product Manager, Mark43

To fix traditionally paper-heavy and error-prone processes, they needed a secure and easy-to-use product experience that simplified and unified crime data collection and management. Mark43 is on a mission to bring public safety data management into the 21st century.

7 million domains vulnerable to 'easy' takeover

TechBeacon

How secure is your website? Security, Information Security, Security Blogwatch, User Authentication, Information Security (Info Sec This week brings worrying news about how easy it is to take over accounts at the biggest web hosting providers.

Scale and Speed with Cyber Security

CTOvision

Dealing with the scale that the internet can deliver, has unfortunately left us with a series of other non-optimal cyber security approaches and solutions. In cybersecurity we’re have a hard time dealing with scale. Out of all the problems to deal with subverting bureaucracy to enable security scaling is the hardest. All three when synchronized create strong feedback loops and learning curves for the enterprise leading to a strengthened cyber security posture.

Yet another privacy fail boosts #DeleteFacebook momentum

TechBeacon

Security, Information Security, Information Security (Info Sec), Computer Privacy, Security BlogwatchYet more bad news for Facebook. This week brings revelations that Zuckerberg’s finest really have been selling your private data.

Software Defined Perimeter, Cloud Security Alliance: Coca-Cola Case Study

CTOvision

One of the many topics coved at the event was software defined perimeter and cloud security alliance. Next Steps for the Cybersecurity Framework (vormetric.com). On September 30 th Sierra Ventures hosted their 9th CIO summit in Palo Alto, CA.

Monetizing Analytics Features: Why Data Visualizations Will Never Be Enough

THE BASICS: Single Sign-On, Security Integration. As more users have relevant information at their ingertips to book lights, purchase. to update information from within the. Flexible Security Application teams have already invested. security model and setting up diferent.

Smart Cities Cybersecurity Challenge

CTOvision

Smart Cities will become a full-scale cyber war battleground unless Congress mandates cybersecurity. Big Data and Analytics Cloud Computing CTO Cyber Security Cyber War Government Cyberwar smart cityThe biggest danger in Smart Cities is the assumption that IoT sensors communicating over a 5G fabric to Machine Learning and Blockchain systems will be safe from cyberattacks. To the contrary Smart Cities suffer from all the cyber vulnerabilities we have today [.].

Google panics as huge new bug found in Google+

TechBeacon

Google found another security hole in Google Plus. Security, Information Security, Security Blogwatch, Information Security (Info Sec It happened again , but this time it's 100 times worse.

73

Panera Bread’s feckless security puts consumers at risk

The Parallax

Security researcher Dylan Houlihan says he notified Panera Bread, a chain of more than 2,000 stores in the United States, of a website vulnerability in August 2017. How to attack security issues like Google and Microsoft just did.

Mueller’s indictment of election hackers a cybersecurity ‘wake-up call’

The Parallax

As Dave Aitel, former NSA cybersecurity analyst and the current chief security technical officer of cybersecurity company Cyxtera tells The Parallax, the details of the indictment indicate the high level of confidence the Justice Department has in its charges. Regardless of U.S.