The 10th Cyber & Information Security Research (CISR) Conference at Oak Ridge, TN, 7-9 April 2015


The 10th Cyber & Information Security Research (CISR) Conference, 7-9 April 2015, will be held at the Conference Center, 2nd Floor, Building 5200, Oak Ridge National Laboratory, Oak Ridge, Tennessee. The conference brings together cyber security researchers, program managers, decision makers, security vendors, and practitioners to discuss many challenging tasks and novel solutions pertaining to cyber security. By Charles Hall.

10 New Information Security Roles for the Digitization Era


High demand and a limited pool of people with the right skills and experience make information security staffing a perennial challenge. Further complicating things is the fact that information security teams have not yet adapted to their changing role in digitizing companies. Digitization requires security staff to play a more diverse range of roles to meet a wider spectrum of demand from the rest of the firm. Product security specialists/managers.



Changing Government Requirement For Market Research to Continuous Market Assessment


This is FAR Part 10 on Market Research. We need we don't need periodic market research. We plan on doing our part to help with Continuous Market Research. By Bob Gourley.

9 biggest information security threats through 2019

Network World

The information security threat landscape is constantly evolving. To help you navigate the terrain, each year the Information Security Forum (ISF) — a nonprofit association that researches and analyzes security and risk management issues on behalf of its members — puts out its Threat Horizon report to provide members with a forward-looking view of the biggest security threats over a two-year period.

NIST's Cybersecurity Framework offers small businesses a vital information security toolset

Tech Republic Security

Small businesses run lean, and bad guys know that means security may be less than adequate. NIST researchers share ways that small businesses can protect their information

Symantec Finally Agrees With Everyone Else In The Security Community: Says Antivirus Software Is Dead


But the hottest firms in cyber security, those growing because they make real, measurable, virtuous differences in enterprise security, are growing because they realized that Symantec's core antivirus features just are not sufficient.

Information Risk: Bug Bounties Have Gone Mainstream


As the trickle of companies incorporating digitalization into their corporate strategy turns into a flood, information security professionals are warning anyone who’ll listen about the vast array of products and services that may contain critical vulnerabilities in their software. As the chief security officer at a technology firm in CEB’s networks explained recently, “We have 40 engineers on staff whose sole job is to break software.

The Dick Jail Is 'Safe' Again, but Use at Your Own Risk

GizModo VR

Last October, security researchers warned that the Qiui Cellmate Chastity Cage had a serious security flaw that could allow hackers to turn a chastity device into a dick jail.

CTOvision Now Curating Reference To Cyber Threat Intelligence Companies


CTOvision seeks to provide information that helps enterprise technologists succeed. Our CTOvision Pro members can easily access these curated categorized lists in the following topic areas: Analytical Tools | Big Data | Cloud Computing | Cyber Intelligence | Communications | GreenIT | Infrastructure | Mobile | Security | Visualization.

More Questions than Answers from Data Breach Report


Major breaches in the last year, at large companies like Target and eBay, have made information security discussions more worrying and more widespread, albeit still not universally understood. billion user name and password combinations and more than 500 million email addresses, security researchers say, news that should not be taken lightly.


New Video: Automating Your Cyber Defenses Including Malware Removal


The video at this link and embedded below provides an overview of conclusions from CTOvision research into ways to automate the removal of cyber threats (including malware) from your enterprise. It highlights ten requirements CTOs, CIOs, CISOs and CFOs should articulate as critical to success in automating security response. Additional context into this topic is available in our research report downloadable here: . By Bob Gourley.

Video Shows What To Do When Your Cyber Adversaries Are Automating


The video at this link and embedded below provides an overview of conclusions from CTOvision research into ways to automate the removal of cyber threats (including malware) from your enterprise. It highlights ten requirements CTOs, CIOs, CISOs and CFOs should articulate as critical to success in automating security response. The bottom line of this research: Your online adversaries are automating. By Bob Gourley.


InfoSec Policies and Standards: Some strategic context for those just diving into this world


Organizations are giving more priority to development of information security policies, as protecting their assets is one of the prominent things that needs to be considered. So an organization makes different strategies in implementing a security policy successfully. An information security policy provides management direction and support for information security across the organization. Policies can be enforced by implementing security controls.

Sources of cyber intelligence from governments and academia


Cyber intelligence is a growing discipline in the cybersecurity community, providing important information for cyber defenders in enterprises large and small. This very likely includes an array of external information sources that will include threat news, listings of IP addresses that are known to be associated with malicious sites, information on malicious code, and a variety of other threat information feeds. Striving to make cyber security understandable by people.

The Importance of an Online Encryption Policy


IBM’s latest Cyber Security Intelligence index report shows that: 1.5 There is a 12% year-to-year increase in security events to educate and inform organizations. There are 91,765,453 security events annually. It covers the systematic data management of the company and can also be referred to as information security policy standards when working in an on-premise, cloud, or a hybrid-computing environment.

Research Announcement Forrester Wave Q4 2019: European Cybersecurity Consulting Service Providers

Forrester's Customer Insights

We are currently considering the list of vendor participants we are planning to invite to a pre-screener for the Q4 European Cybersecurity Consulting Service Provider Wave. If you provide cybersecurity consulting services to customers headquartered in Europe and you operate in more than one key European market, with offices and substantial consulting practices based in […].

Net Threat: Nation-States and Security


Reflecting the increasing attention paid to information security by many Americans, Pew Research recently conducted a large study, “Net Threats”, to identify important trends among technology experts’ opinions and predictions regarding the future of digital security. Researchers at Pew isolated four major themes among responses,


Invincea Announces 54 New Enterprise Customers for Its Flagship Enterprise Solution, $8.1M in Advanced Research Contracts for Its Labs Division


in Advanced Research Contracts For its Labs Division. In the first quarter of 2014, the company’s advanced research division—Invincea Labs—secured $8.1M Invincea also continued to enhance the ability for its customers to achieve more comprehensive and holistic security by expanding its advanced threat protection ecosystem with integration into Palo Alto Networks’ WildFire platform. For more information, visit [link]. By Bob Gourley.

Three Practical Steps To Improving Your Company’s AI Cybersecurity Skills


Read Spencer Young list three practical and proactive steps to improve your AI cybersecurity skills on Information Security Buzz: Much like the rest of the business world, cybersecurity teams are increasingly hearing how AI will revolutionize the way they work – usually for the better. And it’s no longer just hype – recent research […].

Industry Calls for Standardization of CISO Role


Professionals from the cybersecurity industry have called for clarity regarding the role of Chief Information Security Officers (CISOs). Research from Cyber Security Connect UK (CSCUK), a forum for cybersecurity professionals, has stated that CISOs are being pulled into job requirements outside their jurisdiction and that there is a lack of transparency about the responsibilities of cybersecurity […].

Zero Trust Goes Mainstream In Europe

Forrester's Customer Insights

Over the Easter weekend, we released a new research report looking at implementing Zero Trust in Europe. In addition, general awareness of the Zero Trust security model is much lower in Europe than in the US.

Net Threats: The Glut of Information


Reflecting the increasing attention paid to information security by many Americans, Pew Research recently conducted a large study, “Net Threats”, to identify important trends among technology experts’ opinions and predictions regarding the future of digital security. While this is particularly important when you are looking for scientific or medical information, it is equally applicable when looking for restaurants, music, or other things that are matters of taste.


Stand By For Reporting From the Intelligence and National Security Summit 18-19 Sep 2014 #Intelligence2014


For the next two days in DC over 1000 key leaders from the national security community will be converging in a dynamic examination of intelligence and national security issues at the Intelligence and National Security Summit. Will the National Security Community be capable of offering security protection, including security advice, for massive commercially or privately owned networks of sensors and remotely controllable devices? National Security Agency.


Net Threats: Deteriorating Trust in Governments and Corporations


Reflecting the increasing attention paid to information security by many Americans, Pew Research recently conducted a large study, “Net Threats”, to identify important trends among technology experts’ opinions and predictions regarding the future of digital security. Few topics have received more attention from technologists and security experts than Edward Snowden and the information that he leaked about the National Security Administration.


Tech Moves: Startup Haven grows team to lead new fund; PSL promotions; F5 Networks adds execs


F5 Networks hired Microsoft CVP Yvette Smith as SVP of customer success and business transformation and promoted Gail Coury to SVP and chief information security officer. and joined F5 Networks in 2018 as the VP and general manager of Silverline, F5’s managed security services.

Choosing a Cyber Threat Intelligence Provider with Josh Ray


Josh Ray has experience with individuals in the security and cyber threat intelligence (CTI) mission space to create a variety of different capabilities in the public, private and commercial sectors. Ray addresses the Forrester Research report from November 3, 2015, "Vendor Landscape: S&R Pros Turn To Cyber Threat Intelligence Providers for Help." Find out more information on Verisign here. Read the Forrester Research report here. Katie Kennedy.

The Era of Security Breaches

CIO Dashboard

A full 85% of all data-related security breaches today are masterminded by organized crime, according to a 2010 Verizon Data Breach research report. With the rise in outsourcing and the advent of cloud-based services, more and more private-business and customer information gets shared among affiliates. Security experts are warning of a rise in spear phishing attacks.

The biggest risk in cloud computing is not doing it

David Linthicum

IDG Research: The state of the cloud: How enterprise adoption is taking shape. The Top 2 high-impact risks of moving to the cloud are related to information security threats. Gartner’s latest quarterly report “Emerging Risks Report” surveyed 110 senior executives about risk, audit, finance, and compliance at large global organizations. Not surprisingly, they identified cloud computing as the top concern for the second consecutive quarter.


What CISOs Taught Me

Forrester's Customer Insights

First off, I’d like to express how thrilled I am to join Forrester’s security and risk research (S&R) team as a senior analyst.

The Security Innovation Network Showcase: 3-4 Dec in DC


We have been long-term supporters of the Security Innovation Network (SINET) and believe this group plays an important role in being a catalyst for innovation around enterprise cyber security. This event helps highlight emerging technologies with potential dramatic positive impact on enterprise missions and also helps advance the exchange of ideas around mission needs and concepts of operation on enterprise cyber security. Networking Lunch – Information Sharing Hour.

Rolls-Royce: Securing the Jets that Power Flight

SecureWorld News

And the company just announced it is trying something new to secure its engines by creating a security research network and funding cybersecurity efforts at Carnegie Mellon and Purdue University.

Government IT: Making the Most of Cybersecurity Investments


With cybersecurity at the forefront of the national agenda, and with a budget to strengthen their cyber-defenses, government IT leaders are now in a unique position to make substantial changes to the ways that they secure their agencies from those with malicious intent. But does more spending power mean greater security for government agencies? Solution: Take an assessment of your current standards for your organization’s security controls (i.e.

Join Women in Cybersecurity This Week in Dallas


WiCyS continues to innovatively expand its mission to bring together women in cybersecurity from academia, research and industry. The annual WiCyS conference is organized by the Cybersecurity Education, Research and Outreach Center at Tennessee Tech in partnership with a regional university. Speakers for this year’s event include: Regina Wallace-Jones, Head of Security Operations, Facebook. Heather Adkins, Founding member of the Google Security Team. Katie Kennedy.

An update on the bounty programs

IT Pros Rock!

Back in June of this year, we announced three new bounty programs that will pay researchers for techniques that bypass built-in OS mitigations and protections, for defenses that stop those bypasses and for vulnerabilities in Internet Explorer 11 Preview. Today, we are announcing James Forshaw, a security researcher with Context Information Security, has been awarded the first Mitigation Bypass Bounty, which comes with a prize of $100,000.00.

Security challenge: Wearing multiple hats in IT

Network World

Are you taking on multiple job responsibilities at your company, including some aspects of information security? At many organizations, IT professionals are being asked to handle a variety of security tasks and functions. In a recent online survey of 287 IT and business professionals conducted by CSO, CIO and Computerworld, a majority of respondents (54 percent) said the IT department handles information security at their organization.

Set Up a Budget-Friendly Application Security Program


In May 2020, a smartphone caller identification app reported a security breach in which the personal data of more than 47.5 In contrast to common perception, app security testing doesn’t always have to be a heavy investment.


Cybersecurity Mentorship Program Pairs CISOs and Students

SecureWorld News

Each student gets paired with a Chief Information Security Officer (CISO) to test cybersecurity tools for organizations. We will provide a supply of highly effective cybersecurity and law enforcement researchers."

2020 Was a Privacy Wake-up Call: Don't Go Back to Sleep in 2021!

SecureWorld News

It also exposed some huge security and privacy vulnerabilities, which many cybercrooks have exploited thousands of times throughout 2020 for remote workers. Vendor/third-party security and privacy oversight must be improved. Three actions will dramatically improve security and privacy.

Why CISOs Need Cloud to Secure the Network


This type of connected employee, while a boon to the organization, can be a nightmare to the chief information security officer (CISO). In a modern cloud-centric digital business, the need to access information anywhere and everywhere is a top priority. Secure access service edge, or SASE, supports the need for dynamic secure access,” says Lawrence Orans, Vice President Analyst, Gartner. “It

CIT Hires Robert Stratton as MACH37 General Partner


He is widely known as a community-focused thought leader with special skills in enterprise technology and cyber security. Stratton adds experience in information security and entrepreneurship to MACH37™. His experience in the information security industry will be highly valuable as we move forward with the first cohort session.” Stratton comes to MACH37™ from Polymathics, a technology startup advisory and security strategy firm.

Fed Tech Roundup December 2


How Valuable is Federal Research? Federal Spending on Information Security to Reach $11 Billion by 2020. Wins Contract in Support of DoD Information Analysis Center Program. The following are some of the hot topics in the federal technology ecosystem (from and ): Fed Tech Ticker. Zuckerberg Vows to Daughter He'll Donate 99% of His Facebook Shares - New York Times.

Access Denied to COVID-19 Crunching Supercomputer after Cyberattack

SecureWorld News

based supercomputer from EPPC systems, and an invaluable resource for researchers studying global issues—including one group that was working on a coronavirus vaccine. Officials started investigating and informed the community that they will not be able 'to log in or to submit new jobs.'"

Guidance Software Federal Summit 6 March 2014


Recognized as a pioneer in the field of classified information protection, Mr. Bigman developed technical measures and procedures to manage the nation’s most sensitive secrets. As an information security trailblazer, Mr. Bigman participated in developing security measures for Government computers well before commercial industry found the Internet. Mr. Bigman is now an independent cyber security consultant and president of 2BSecure LLC in Bethesda, Maryland.