Filter By:

Type

Topic

Recent Blogs & Podcasts

Insights Portal

 



February 27, 2018 | Security Awareness, Phishing, Social Engineering
By Mike Saurbaugh, IANS Faculty

 Improve Your Security Awareness Culture

Fostering a culture where employee performance on phishing simulations continues to ramp up even as simulations grow more complex is no easy feat. In this Ask-an-Expert written response, IANS Faculty Mike Saurbaugh details ways to get the desired results by focusing on simplicity and positive reinforcement, while also addressing the issue of repeated failures.  

Read More »


February 26, 2018 | Threats & Incidents

 Phishing: Overview of Attacks in 2017

Three-quarters of all organizations surveyed experienced a phishing attack in 2017. While the number of phishing attacks hasn’t changed from 2016, companies saw a 2 percent increase in phone call phishing attacks and text-message phishing attacks.

Read More »


February 23, 2018 | Enterprise and IT Compliance Management

 SEC Releases New Guidance on Cybersecurity Risk Disclosures

On February 21, 2018, The Securities and Exchange Commission (SEC) released “interpretive guidance to assist public companies in preparing disclosures about cybersecurity risks and incidents.” The document formally clarifies how the SEC expects firms to handle disclosures of “material risks” related to cybersecurity.

Read More »


February 22, 2018 | Security Awareness, Phishing, Social Engineering
By Mike Saurbaugh, IANS Faculty

 Reduce the Risk of Spoofing to the Call Center

Attackers continue to get creative when it comes to convincing call center agents to part with sensitive information. In this Ask-an-Expert written response, IANS Faculty Mike Saurbaugh details common spoofing ploys and other tactics attackers use to defraud call centers, plus several ways organizations can mitigate the risk.

Read More »


February 16, 2018 | Threat Intelligence and Modeling
By Adam Shostack, IANS Faculty

 Comprehensive, Structured and Systematic: Engineering for Security

The hardest part of security is going from random discovery of problems as you create new features to a systematic, comprehensive and structured approach to finding problems early. In this webinar, IANS Faculty Adam Shostack identifies ways to bring security engineering to the very earliest parts of product or service cycles, align with agile practices and reap the benefits that come from such efforts: faster, more predictable and more secure launches.

Read More »


February 15, 2018 | DevOps Organization and Strategy
By Dave Shackleford, IANS Faculty

 Best Practices in Container Security

While many organizations are deploying containers for all kinds of applications, few fully understand - and implement - strong container security today. In this Ask-an-Expert live interaction, IANS Faculty Dave Shackleford recommends ways to secure the underlying platform and ensure the integrity of repositories, in addition to other best practices.

Read More »