A recent survey showed that surprisingly, a large percentage of retailers still have no data breach response plan in place.
Cyber threats are evolving quickly. Fortunately, so is incident detection and response (IDR), powered by data explains Eric Sun, with techniques such as honeypots identifying suspect behaviour.
National Audit Office (NAO) report says NHS trusts were left vulnerable to the unsophisticated Wannacry attack because NHS chiefs ignored cyber-security recommendations. UK Government holds North Korea responsible.
During a recent chat, Ian Trump - also known as phat_hobbit on Twitter - said the cyber-security industry had some difficult questions to answer in the wake of WannaCry.
Gavin Russell discusses why having a defined a cyber-response process is important, and why it should be pro-active, covering all likely outcomes.
Research from security company Okta is claiming that companies which aren't agile on technology upgrades are putting themselves at risk of cyber-attacks.
A security researcher claims to have hacked an Amazon server and dumped the information of tens of thousands of users online. Even though several sources appear to speak for the data's legitimacy, Amazon says it's nonsense.
An alarming 36 percent of businesses have yet to develop a cyber-attack response plan.
Today's panel at IPEXPO discussed the common bad habit of blaming the victim rather than the criminals who committed the crime.
Sarb Sembhi, Thomas Naylor, Thomas Whipp and Matt Holland joined forces at SC Congress to teach a willing audience how to respond to a breach.
Rapid 7's Trey Ford call for organisations to share data on security breaches to inform investigations, with regulation if necessary, while Rapid 7's 2015 Incident Detection Response Survey catalogues current concerns.
Security professionals can't afford to work in isolated bubbles when the attackers are openly sharing information about system vulnerabilities, says Dr Luke Hebbes, Kingston University, in our SC: Video Interview series.
Silver Shadow draws together authorities from eight countries to test response by US and European law enforcement to a large scale cyber-attack.
No one wants to plan for a breach, but its what you ought to do if you want to minimise the costs, data losses and reputational damage when the inevitable happens, hence the avid pre-planning at last week's SC roundtable.
Industry leaders gathered this week in the City of London's Sky Garden to discuss that most pressing of issues: How to respond to a breach - successfully.
A Netgear router vulnerability remained unpatched for months after it was discovered by security researchers, leaving thousands of the devices under active attack.
Cyber-attacks are a top threat to organisations today; however, despite an increased effort to keep up with the rising scale and complexity of threats, IT teams are struggling to defend their networks, says Mike Smart.
If you want to get incident response right you need to channel Chuck Norris and become a bit more like the Scooby Doo team, says SANS instructor Steve Armstrong.
Too many false positives inevitably reduce response times - and even response numbers - so raise the verification bar and thereby limit them says Chandra Sekar.
In the wake of successful cyber-attacks, and security incidents taking down some of the biggest brands on the planet, impacting critical infrastructure and banking systems alike, it may be asserted that, when it comes to technology, by evidenced implication, it would seem to be exposed, fragile and vulnerable.
A new state centre for cyber-threat response is being established in Russia this year, expected to be formally approved in March according to a Russian Parliament spokesperson talking to SCMagazineUK.com.
Don't capitulate, have a plan in place, and of course, prevention is better than cure when it comes to tackling the prospect of DDoS ransom attacks says Dan Holden.
RSA has announced the launch of new software and services to defend and mitigate against attacks.
The European Commission's plan for a secure and open internet depends on national security strategies and cooperation.
After a widely reported zero-day vulnerability affecting Java and another rumoured to be trading for $5,000, Oracle has admitted that there has been a 'relative silence on the issue' around Java security.