A key disconnect exists between awareness of financial services fraud schemes and mitigation, according to the latest "Faces of Fraud" survey sponsored by Appgate. Mike Lopez, vice president at the firm, describes some key findings.
Which are the most dangerous new attack techniques? How do they work? How can you stop them? What's coming next and how can you prepare?
This fast-paced briefing features the three people best positioned to provide answers and best able to communicate them:
the nation's top expert/teacher on mobile forensics
The Framework for Improving Critical Infrastructure (commonly known as the Cybersecurity Framework) was released by NIST in April 2014. In April 2018, NIST released update v1.1 of the Framework to enhance and clarify the Cybersecurity Framework based on comments from across all industry sectors.
Each year at RSA Conference, SANS Institute provides the authoritative summary of the most dangerous new attack techniques. Their 2019 list included accurate predictions of smartphone attacks, DNS manipulation, domain fronting, cloud-on-cloud attacks and CPU flaws.
Learn more about their 2019 list, see new data about...
DDoS attacks are getting larger in size and shorter in duration at a time when multicloud environments, which lack a single point of monitoring, are becoming more common, says Ashley Stephenson, CEO of Corero Network Security, who offers risk management insights.
CrowdStrike is out with its 2019 Global Threat Report, which includes a ranking of the most dangerous nation-state adversaries. The company's CTO, Dmitri Alperovitch, discusses the report's key findings about threats and threat actors.
Reviewing 2018 attacks, Jon Clay of Trend Micro, says social engineering persists, including phishing attacks, while criminals also continue to steal credentials, lob ransomware at targets and push cryptomining malware.
What's hot on the cybersecurity legal front? For starters, in 2018, the U.S. Department of Justice indicted twice as many alleged state-sponsored attackers than it had ever indicted, says Kimberly Peretti of Alston & Bird.
The network is much more than just the sum of its endpoints, and the imperative to secure everything has led to detection and response emerging as a top priority for many organizations, says Chris Morales of Vectra Networks.
Art Coviello, ex-CEO of RSA, is concerned about fraud trends and social media vulnerabilities. But he also is bullish on the opportunity for artificial intelligence and DevOps security to stop attacks before they cause harm.
The source code for the Mirai botnet has been updated to launch DDoS amplification/reflection attacks, although so far that capability hasn't been used, says Gary at Arbor Networks. Even so, DDoS defense planning remains essential.
When it comes to massive DDoS attacks powered by the likes of a Mirai botnet, "the sky is not falling," says ESET security researcher Cameron Camp. But organizations do need to prepare - and here's where to start.
With Verizon's data breach investigations team finding that 90 percent of breaches trace to a phishing or other social engineering attack, lead investigator Chris Novak says that using multifactor authentication should be a no-brainer for all organizations.