Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Careers & People

News & Commentary
From FUD to Fix: Why the CISO-Vendor Partnership Needs to Change Now
Michele Commentary
CISOs and their staffs are up against too many systems, screens, and alerts, with too few solutions to effectively address pain points.
By Michele "MB" Bettencourt Executive Chairperson, Corelight, 12/3/2020
Comment0 comments  |  Read  |  Post a Comment
Automated Pen Testing: Can It Replace Humans?
Alex Haynes, Chief Information Security Officer, CDLCommentary
These tools have come a long way, but are they far enough along to make human pen testers obsolete?
By Alex Haynes Chief Information Security Officer, CDL, 12/2/2020
Comment0 comments  |  Read  |  Post a Comment
The Cybersecurity Skills Gap: It Doesn't Have to Be This Way
Sander Vinberg, Threat Research Evangelist at F5 LabsCommentary
Once it becomes clear that off-the-shelf experts aren't realistic at scale, cultivating entry-level talent emerges as the only long-term solution -- not just for a hiring organization but for the field as a whole.
By Sander Vinberg Threat Research Evangelist at F5 Labs, 12/1/2020
Comment0 comments  |  Read  |  Post a Comment
Can't Afford a Full-time CISO? Try the Virtual Version
John Roman, President and COO of FoxPointe SolutionsCommentary
A vCISO can align a company's information security program to business strategy and budgeting guidance to senior management.
By John Roman President and COO of FoxPointe Solutions, 12/1/2020
Comment0 comments  |  Read  |  Post a Comment
2020 Cybersecurity Holiday Gift Guide for Kids
Ericka Chickowski, Contributing Writer
Grab some wrapping paper: These STEM toys and games are sure to spark creativity and hone coding and logic skills among a future generation of cybersecurity pros.
By Ericka Chickowski Contributing Writer, 12/1/2020
Comment0 comments  |  Read  |  Post a Comment
Failing Toward Zero: Why Your Security Needs to Fail to Get Better
Akshay Bhargava, Chief Product Officer at MalwarebytesCommentary
Each security incident should lead to a successive reduction in future incidences of the same type. Organizations that fail toward zero embrace failure and learn from their mistakes.
By Akshay Bhargava Chief Product Officer at Malwarebytes, 11/27/2020
Comment0 comments  |  Read  |  Post a Comment
Why Security Awareness Training Should Be Backed by Security by Design
Ericka Chickowski, Contributing WriterNews
Cybersecurity training needs an overhaul, though the training itself is only one small part of how security teams can influence user behavior.
By Ericka Chickowski Contributing Writer, 11/25/2020
Comment0 comments  |  Read  |  Post a Comment
As 'Anywhere Work' Evolves, Security Will Be Key Challenge
Robert Lemos, Contributing WriterNews
Companies should plan their future workforce model now, so they have time to implement the necessary tools, including cybersecurity and seamless remote access, a Forrester report says.
By Robert Lemos Contributing Writer, 11/23/2020
Comment0 comments  |  Read  |  Post a Comment
10 Undergraduate Security Degree Programs to Explore
Kelly Sheridan, Staff Editor, Dark Reading
Colleges and universities are ramping up cybersecurity education with a wider range of degree programs and more resources for students to build their infosec careers.
By Kelly Sheridan Staff Editor, Dark Reading, 11/23/2020
Comment0 comments  |  Read  |  Post a Comment
2021 Cybersecurity Spending: How to Maximize Value
Gidi Cohen, Chief Executive Officer & Founder, Skybox SecurityCommentary
This is a pivotal moment for CISOs. As their influence increases, so does the pressure for them to make the right decisions.
By Gidi Cohen Chief Executive Officer & Founder, Skybox Security, 11/19/2020
Comment0 comments  |  Read  |  Post a Comment
Twitter Taps Mudge
Dark Reading Staff, Quick Hits
Noted security researcher Peiter Zatko joins the social network as head of security.
By Dark Reading Staff , 11/16/2020
Comment0 comments  |  Read  |  Post a Comment
The Sameness of Every Day: How to Change Up Audit Fatigue
Stephen Horvath, Vice President, Strategy & Cloud, at Telos CorporationCommentary
And with more data compliance laws on the way, audit fatigue could be a real challenge for infosec professionals.
By Stephen Horvath Vice President, Strategy & Cloud, at Telos Corporation, 11/13/2020
Comment0 comments  |  Read  |  Post a Comment
3 Tips For Successfully Running Tech Outside the IT Department
Patrick Kehoe, Chief Marketing and Strategy Officer, CoalfireCommentary
When marketing opts for "extra-departmental IT," coordination and communication are required to keep things secured.
By Patrick Kehoe Chief Marketing and Strategy Officer, Coalfire, 11/11/2020
Comment1 Comment  |  Read  |  Post a Comment
Overlooked Security Risks of the M&A Rebound
Bill Ruckelshaus, CFO, ExtraHopCommentary
Successful technology integration, post-merger, is tricky in any market, and never more so than with today's remote work environments and distributed IT infrastructure.
By Bill Ruckelshaus CFO, ExtraHop, 11/10/2020
Comment0 comments  |  Read  |  Post a Comment
Bug Bounty Hunters' Pro Tips on Chasing Vulns & Money
Seth Rosenblatt, Contributing Writer
From meditation to the right mindset, seasoned vulnerability researchers give their advice on how to maximize bug bounty profits and avoid burnout.
By Seth Rosenblatt Contributing Writer, 11/5/2020
Comment0 comments  |  Read  |  Post a Comment
Digital Transformation Means Security Must Also Transform
James Hadley, CEO at Immersive LabsCommentary
Being successful in this moment requires the ability to evolve in terms of team management, visibility, and crisis management.
By James Hadley CEO at Immersive Labs, 11/5/2020
Comment0 comments  |  Read  |  Post a Comment
Online Users Feel Safe, But Risky Behavior Abounds
Robert Lemos, Contributing WriterNews
New research also shows a divide between younger and older users in their security practices, including use of two-factor authentication and how often software updates are performed.
By Robert Lemos Contributing Writer, 11/5/2020
Comment0 comments  |  Read  |  Post a Comment
Public Safety & Cybersecurity Concerns Elevate Need for a Converged Approach
Will Wise, Group Vice President, Security Events, Reed ExhibitionsCommentary
As public and private spaces are opening up, the need for a converged approach to cybersecurity and physical security is essential, as is integration with health measures and tech.
By Will Wise Group Vice President, Security Events, Reed Exhibitions, 10/30/2020
Comment0 comments  |  Read  |  Post a Comment
SANS Launches New CyberStart Program for All High School Students
Nicole Ferraro, Contributing WriterNews
Free program lets students solve real-world security problems - and learn about cybersecurity.
By Nicole Ferraro Contributing Writer, 10/30/2020
Comment0 comments  |  Read  |  Post a Comment
How Healthcare Organizations Can Combat Ransomware
Mike Wilson, Founder & CTO, EnzoicCommentary
The days of healthcare organizations relying solely on endpoint security software to stop attacks are over. Here are six ways that healthcare providers can fight the ever-present threat.
By Mike Wilson Founder & CTO, Enzoic, 10/29/2020
Comment1 Comment  |  Read  |  Post a Comment
More Stories
Current Conversations
Posted by karthik.k16
Current Conversations Thanks. Very informative
In reply to: Great article
Post Your Own Reply
Posted by TimKorry
Current Conversations Great tips. Thanks
In reply to: Great tips
Post Your Own Reply
More Conversations
Cloud Security Threats for 2021
Or Azarzar, CTO & Co-Founder of Lightspin,  12/3/2020
Why Vulnerable Code Is Shipped Knowingly
Chris Eng, Chief Research Officer, Veracode,  11/30/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Assessing Cybersecurity Risk in Todays Enterprises
Assessing Cybersecurity Risk in Todays Enterprises
COVID-19 has created a new IT paradigm in the enterprise and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-25449
PUBLISHED: 2020-12-04
Cross Site Scripting (XSS) vulnerability in Arachnys Cabot 0.11.12 can be exploited via the Address column.
CVE-2020-25465
PUBLISHED: 2020-12-04
Null Pointer Dereference. in xObjectBindingFromExpression at moddable/xs/sources/xsSyntaxical.c:3419 in Moddable SDK before OS200908 causes a denial of service (SEGV).
CVE-2020-25461
PUBLISHED: 2020-12-04
Invalid Memory Access in the fxProxyGetter function in moddable/xs/sources/xsProxy.c in Moddable SDK before OS200908 causes a denial of service (SEGV).
CVE-2020-25462
PUBLISHED: 2020-12-04
Heap buffer overflow in the fxCheckArrowFunction function at moddable/xs/sources/xsSyntaxical.c:3562 in Moddable SDK before OS200903.
CVE-2020-25463
PUBLISHED: 2020-12-04
Invalid Memory Access in fxUTF8Decode at moddable/xs/sources/xsCommon.c:916 in Moddable SDK before OS200908 causes a denial of service (SEGV).