Data Security

Data Security | News, how-tos, features, reviews, and videos

access control / authentication / privileges / managing permissions
Mobile security

CSO  >  Botnet  >  Robots amid a blue binary matrix

What is a botnet? When armies of infected IoT devices attack

A botnet is a collection of internet-connected devices that an attacker has compromised. Commonly used in distributed denial of service (DDoS) attacks, botnets can also take advantage of their collective computing power to send large...

CSO > Security automation

New MongoDB field-level encryption can help prevent data breaches

MongoDB aims to prevent exposed data stores by encrypting data in a way that makes it useless if compromised.

European Union, EU

General Data Protection Regulation (GDPR): What you need to know to stay compliant

GDPR is a regulation that requires businesses to protect the personal data and privacy of EU citizens for transactions that occur within EU member states. And non-compliance could cost companies dearly. Here’s what every company that...

passwords exposed authentication hacked vulnerable security breach

IT services giant HCL left employee passwords, other sensitive data exposed online

HCL left employee passwords, customer project details, and other sensitive information exposed online with no authentication.

Tablet with lock showing secure encryption

What is quantum cryptography? It’s no silver bullet, but could improve security

In the arms race between white and black hats, the infosec industry looks to quantum cryptography and quantum key distribution (QKD). That may be just part of the answer, however.

audit binary compliance magnifying glass investigate

What is an IT auditor? A vital role for risk assessment

An IT auditor is responsible for analyzing and assessing an organization’s technological infrastructure to find problems with efficiency, risk management and compliance.

learn basics of ethical hacking

What is ethical hacking? How to get paid to break into computers

Ethical hacking is legally breaking into computers and devices to test an organization's defenses. Here’s what ethical hacking entails and the certifications and training you need to become an ethical hacker.

data security

451 Research: Security is top data management challenge

A survey of highly qualified data management professionals by 451 Research shows that growing data volumes have made security their biggest concern.

human weak link cybersecurity primary

What is a supply chain attack? Why you should be wary of third-party providers

The weak link in your enterprise security might lie with partners and suppliers. Here’s how to understand and mitigate that risk.

cyber security lock padlock firewall code breach password

The OPM hack explained: Bad security practices meet China's Captain America

How the OPM hack happened, the technical details, and a timeline of the infiltration and response.

risk assessment - safety analysis - security audit

Wanted: Data breach risk ratings, because not all breaches are equal

We need a system for data breaches that rates the real risk associated with the compromised data.

agile devops

How lean development improved software security at Fannie Mae

Continual improvement methodologies strengthen security, shorten dev cycles and help the c-suite see infosec’s value.

01 hot products at rsa 2018

Hottest cybersecurity products at RSA 2018

Here's a quick run-down of some of the new products announced at the conference, or shown there for the first time.

data breach thinkstock

Verizon report: Ransomware top malware threat of 2017, moving into critical systems

DDoS attacks are also on the rise, but spying reports are down. Fewer people are clicking on phishing links.

abstract data stream

Avoiding security event information overload

Choose a security event information management (SEIM) vendor that helps you focus on only the security event data that needs to be investigated.

7 data driven

Is your defensive security data-driven?

Data-driven defense uses an organization's own data to identify and mitigate the most important threats. Sounds good, but adoption will be met with resistance.

rules procedures guidelines process structure

SEC's new cybersecurity guidance falls short

Post Equifax, those who hoped that the US Securities and Exchange Commission would impose tougher rules (and consequences for breaking them) around reporting breaches will be disappointed.

net neutrality

Will the end of net neutrality be a security nightmare?

Effects of the net neutrality repeal are hard to predict, but there could be additional costs for using endpoint security tools if data rates rise. Best advice: Stay the course on security for now.

Load More