| 
Stuxnet, The Prequel: Earlier Version Of Cyberweapon Discovered
Symantec finds 'missing link' in infamous Stuxnet malware that sabotages another piece of equipment in Iranian nuclear facility--attackers became more aggressive as campaign ensued
Cloud Security Falls Short ... But Could Be Great
A combination of immature security tools, weak partnerships, and a lack of strong commitment to security leaves cloud service firms short of providing strong protections
Google Security Vulnerability Allowed Two-Step Verification Bypass
Researchers at Duo Security detailed an attack that could have allowed a hacker to hijack a user's Google account
RSA, Juniper Team Up In Threat Intelligence-Sharing
Intelligence-sharing among vendors--and about attacks on vendors--key to thwarting today's attacks, officials say
Investors Value A Company's Cybersecurity Record
New HBGary report says majority of U.S. investors steer clear of investing in companies that have suffered multiple data breaches—and they worry more about theft of customer data than intellectual property
Businesses Feel Impact Of IT Security Skill Shortage, Study Finds
(ISC)2 workforce study shows lack of cybersecurity personnel, resources affects bottom line
Debate: Does Security Awareness Training Actually Improve Enterprise Security?
It has been an ongoing debate for years: On one side are experts who say that proper end user training is an essential element in their security. On the other side are experts who say that it is a waste of time and the best solution is to implement technology and controls to protect users from themselves.
Keynote Sessions
Includes "Strong Authentication and Pseudonymity on the Internet," by Google's Vint Cerf; "The Hyperconnected World of Intelligent Devices: A New Era for Security," by SANS Institute's John Pescatore; and "Securing the Data Center's Future Today," by Cisco's Christopher Young.
Podcast: The New Fundamentals of Security
McAfee's Worldwide CTO, Michael Fey, warns the current trajectory of the security landscape will lead to industry failure. Learn what IT professionals must do today to prepare for what's on the horizon tomorrow and how strategies must change to account for all threat vectors.
|  | 
How Cybercriminals Choose Their Targets And Tactics
They are out to get you, make no mistake. But there are things you can do to make sure that your organization is unappealing to a cybercriminal bent on finding easy pickings. The key is to understand what cybercriminals are looking for and how they go about the business of infiltrating vulnerable systems and networks.
Cloud ID Management
Identity management is tricky, especially for cloud and SaaS applications. How do you build an identity management framework for all your cloud applications? This report discusses four approaches, how they work, and the upsides and downsides of each option.
Network Monitoring As a Security Tool
The use of network monitoring tools in a security context can help companies fill gaps in protection as well as identify potential problems. Used strategically, network monitoring tools may help enterprises to detect potential security problems that they might otherwise have missed -- while also helping security organizations justify additional investment.
Building and Maintaining Database Access Control Provisions
Knotted and complex database access permissions are among the biggest threats to enterprise data security. In this Dark Reading report, we examine the problems associated with granting permissions to sensitive data, and recommend solutions that will help organizations thoughtfully and effectively grant privilege when and where it is needed - and only when and where it is needed.
| |
