Pub Date : 2023-04-01DOI: 10.12968/s1353-4858(23)70015-9
Alan Stewart-Brown
Forget the ‘edge vs cloud’ debate. These technologies each have their place, but they are both vulnerable to certain kinds of threats. And it is these risks that should be front of mind – especially for organisations adapting to new kinds of working.
{"title":"Secure and resilient remote access is what really matters","authors":"Alan Stewart-Brown","doi":"10.12968/s1353-4858(23)70015-9","DOIUrl":"https://doi.org/10.12968/s1353-4858(23)70015-9","url":null,"abstract":"Forget the ‘edge vs cloud’ debate. These technologies each have their place, but they are both vulnerable to certain kinds of threats. And it is these risks that should be front of mind – especially for organisations adapting to new kinds of working.","PeriodicalId":100949,"journal":{"name":"Network Security","volume":"102 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2023-04-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"86031546","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-04-01DOI: 10.12968/s1353-4858(23)70018-4
J. Pescatore
The threat landscape is never static. If you are to stay one jump ahead of attackers, you need to evolve your defences – with threat awareness and education being among our most important defences.
{"title":"Tackling new and emerging threats","authors":"J. Pescatore","doi":"10.12968/s1353-4858(23)70018-4","DOIUrl":"https://doi.org/10.12968/s1353-4858(23)70018-4","url":null,"abstract":"The threat landscape is never static. If you are to stay one jump ahead of attackers, you need to evolve your defences – with threat awareness and education being among our most important defences.","PeriodicalId":100949,"journal":{"name":"Network Security","volume":"118 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2023-04-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"82487949","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-04-01DOI: 10.12968/s1353-4858(23)70016-0
Gemma Moore
{"title":"The right balance between controls and teams","authors":"Gemma Moore","doi":"10.12968/s1353-4858(23)70016-0","DOIUrl":"https://doi.org/10.12968/s1353-4858(23)70016-0","url":null,"abstract":"","PeriodicalId":100949,"journal":{"name":"Network Security","volume":"1 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2023-04-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"79838898","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-03-01DOI: 10.12968/s1353-4858(23)70013-5
Steve Mansfield-Devine
Organisations seem to accumulate cyber security solutions, to the point where they become difficult to use and it becomes impossible to ensure that they are operating efficiently. The result can be unnecessary and expensive duplication as well as unseen gaps that leave you vulnerable to attack.
{"title":"Do you have too much security?","authors":"Steve Mansfield-Devine","doi":"10.12968/s1353-4858(23)70013-5","DOIUrl":"https://doi.org/10.12968/s1353-4858(23)70013-5","url":null,"abstract":"Organisations seem to accumulate cyber security solutions, to the point where they become difficult to use and it becomes impossible to ensure that they are operating efficiently. The result can be unnecessary and expensive duplication as well as unseen gaps that leave you vulnerable to attack.","PeriodicalId":100949,"journal":{"name":"Network Security","volume":"43 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2023-03-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"73308722","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-03-01DOI: 10.12968/s1353-4858(23)70014-7
Thomas B. McVey
{"title":"Is ChatGPT really a cyberthreat?","authors":"Thomas B. McVey","doi":"10.12968/s1353-4858(23)70014-7","DOIUrl":"https://doi.org/10.12968/s1353-4858(23)70014-7","url":null,"abstract":"","PeriodicalId":100949,"journal":{"name":"Network Security","volume":"5 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2023-03-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"78791647","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-03-01DOI: 10.12968/s1353-4858(23)70012-3
Dmitry Bestuzhev
NewsPenguin is a previously unknown threat actor, targeting Pakistan with an advanced espionage tool. The group's campaign seemed to be geared to targeting visitors to a major trade show. However, an analysis of its techniques and technologies throws some interesting light on how targeted attacks are being deployed.
{"title":"NewsPenguin threatens Pakistan","authors":"Dmitry Bestuzhev","doi":"10.12968/s1353-4858(23)70012-3","DOIUrl":"https://doi.org/10.12968/s1353-4858(23)70012-3","url":null,"abstract":"NewsPenguin is a previously unknown threat actor, targeting Pakistan with an advanced espionage tool. The group's campaign seemed to be geared to targeting visitors to a major trade show. However, an analysis of its techniques and technologies throws some interesting light on how targeted attacks are being deployed.","PeriodicalId":100949,"journal":{"name":"Network Security","volume":"1 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2023-03-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"76240532","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-02-01DOI: 10.12968/s1353-4858(23)70009-3
Luke Kenny
How can you tell if your organisation is really prepared for a cyber attack? Focusing too heavily on technological solutions can result in key aspects being overlooked – including the necessary skills and awareness among your staff and whether you have the right processes in place, and the people ready and prepared to use them, in case of an attack.
{"title":"Preparing for crisis: are you ready to be attacked?","authors":"Luke Kenny","doi":"10.12968/s1353-4858(23)70009-3","DOIUrl":"https://doi.org/10.12968/s1353-4858(23)70009-3","url":null,"abstract":"How can you tell if your organisation is really prepared for a cyber attack? Focusing too heavily on technological solutions can result in key aspects being overlooked – including the necessary skills and awareness among your staff and whether you have the right processes in place, and the people ready and prepared to use them, in case of an attack.","PeriodicalId":100949,"journal":{"name":"Network Security","volume":"62 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2023-02-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"86042679","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-02-01DOI: 10.12968/s1353-4858(23)70010-x
Thomas Segura
With increasing threats from cybercrime and state-sponsored actors around the world, companies need to focus their defence resources on elements that can most cost-effectively reduce their security debt and advance their DevSecOps maturity. Detecting hard-coded secrets in source code is a preventive tactic that greatly increases the cost to the attacker by removing the low-hanging fruits first. But this requires a strategic approach to preserve application security teams’ operational capacity.
{"title":"The nightmare of hard-coded credentials","authors":"Thomas Segura","doi":"10.12968/s1353-4858(23)70010-x","DOIUrl":"https://doi.org/10.12968/s1353-4858(23)70010-x","url":null,"abstract":"With increasing threats from cybercrime and state-sponsored actors around the world, companies need to focus their defence resources on elements that can most cost-effectively reduce their security debt and advance their DevSecOps maturity. Detecting hard-coded secrets in source code is a preventive tactic that greatly increases the cost to the attacker by removing the low-hanging fruits first. But this requires a strategic approach to preserve application security teams’ operational capacity.","PeriodicalId":100949,"journal":{"name":"Network Security","volume":"216 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2023-02-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"77120765","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-02-01DOI: 10.12968/s1353-4858(23)70008-1
Nigel Jones
What does the criminal conviction of Uber's former CISO mean for the information security sector? The case highlights the need for CISOs to ensure that they have a clear line to the board, and a robust plan for how to deal with security incidents ahead of time.
{"title":"Guilty of hiding a data breach","authors":"Nigel Jones","doi":"10.12968/s1353-4858(23)70008-1","DOIUrl":"https://doi.org/10.12968/s1353-4858(23)70008-1","url":null,"abstract":"What does the criminal conviction of Uber's former CISO mean for the information security sector? The case highlights the need for CISOs to ensure that they have a clear line to the board, and a robust plan for how to deal with security incidents ahead of time.","PeriodicalId":100949,"journal":{"name":"Network Security","volume":"23 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2023-02-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"81272571","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: