The Data Security Maturity Model ditches application, network, and device silos when it comes to architecting a data security strategy.
Follow Dark Reading:
 April 27, 2023
LATEST SECURITY NEWS & COMMENTARY
CISOs Rethink Data Security With Info-Centric Framework
The Data Security Maturity Model ditches application, network, and device silos when it comes to architecting a data security strategy.
Malware-Free Cyberattacks Are on the Rise; Here's How to Detect Them
Last year, 71% of enterprise breaches were pulled off quietly, with legitimate tools, research shows.
'Good' AI Is the Only Path to True Zero-Trust Architecture
Ultimately, AI will protect the enterprise, but it's up to the cybersecurity community to protect "good" AI in order to get there, RSA's Rohit Ghai says.
Millions of Artifacts, Misconfigured Enterprise Software Registries Are Ripe for Pwning
Researchers find 250 million artifacts and 65,000 container images exposed in registries and repositories scattered across the Internet.
Rethinking Safer AI: Can There Really Be a 'TruthGPT'?
Is Elon Musk's "maximum truth-seeking AI" achievable? Overcoming bias in artificial technologies is crucial for cybersecurity, but doing it could be a challenge.
North Korea's Kimsuky APT Keeps Growing, Despite Public Outing
Kim Jong Un's Swiss Army knife APT continues to spread its tendrils around the world, showing it's not intimidated by the researchers closing in.
3CX Supply Chain Attack Tied to Financial Trading App Breach
Mandiant found that North Korea's UNC4736 gained initial access on 3CX's network when an employee downloaded a weaponized but legitimately-signed app from Trading Technologies.
Expert Insight: Dangers of Using Large Language Models Before They Are Baked
Today's LLMs pose too many trust and security risks.
Effects of the Hive Ransomware Group Takedown
Despite some success in limiting damage from Hive, there's no time to relax security vigilance.
Building a Better SBOM
Generating an SBOM is easy. It's generating one that's comprehensive and accurate that's hard.
Cybersecurity Survival: Hide From Adversarial AI
Consider adding some security-through-obscurity tactics to your organization's protection arsenal to boost protection. Mask your attack surface behind additional zero-trust layers to remove AI's predictive advantage.
GPT-4 Provides Improved Answers While Posing New Questions
As is typical with emerging technologies, both innovators and regulators struggle with developments in generative AI, much less the rules that should govern its use.
MORE NEWS / MORE COMMENTARY
HOT TOPICS
Twitter's 2FA Policy Is a Call for Passkey Disruption
Overcoming the limitations of consumer MFA with a new flavor of passwordless.

The Tangled Web of IR Strategies
Attackers have their methods timed to the second, and they know they have to get in, do their damage, and get out quickly. CISOs today must detect and block in even less time.

MORE
EDITORS' CHOICE
Metaverse Version of the Dark Web Could be Nearly Impenetrable
Law enforcement will likely find it much harder to take down criminal activities on the "deepverse."
LATEST FROM THE EDGE

New Policy Group Wants to Improve Cybersecurity Disclosure, Support Researchers
The new Security Legal Research Fund and Hacking Policy Council are aimed at protecting "good faith" security researchers from legal threats and giving them a voice in policy discussions.
LATEST FROM DR TECHNOLOGY

Bot Management Aims to Tame Attacker Automation
Websites, cloud services, and API servers are seeing ever more automated traffic — aka bots — forcing companies to find ways to separate the digital wheat from the chaff.
WEBINARS
  • Why Threat Modeling Is Critical for Enterprise Cyber Defense

    As enterprises deal with multiple threats coming in different forms, security teams are shifting to a risk-based security to handle these challenges. One of the key tools is threat modeling, a process intended to help identify potential weaknesses and prioritize ...

  • How to Launch a Threat Hunting Program

    Security teams need to be more proactive about finding threats before they can cause too much damage. How do these enterprises build threat hunting programs? What stakeholders needs to be involved? What skills are necessary for the threat hunting team? ...
View More Dark Reading Webinars >>
WHITE PAPERS
View More White Papers >>
FEATURED REPORTS
  • Shoring Up the Software Supply Chain Across Enterprise Applications

    Supply chain security attacks are growing at an alarming pace, and things are going to keep getting worse until DevSecOps teams get on the same page. A little help from the feds could also be welcome Modern-day software development depends ...

  • The Promise and Reality of Cloud Security

    Cloud security has been part of the cybersecurity conversation for years but has been on the sidelines for most enterprises. The shift to remote work during the COVID-19 pandemic and digital transformation projects have moved cloud infrastructure front-and-center as enterprises ...

  • 10 Hot Talks From Black Hat USA 2022

    Black Hat USA brings together cutting-edge research, new security tools, and sophisticated defensive techniques over the course of two days. There were some recurring themes across the sessions, and many of these topics are going to be important issues to ...
View More Dark Reading Reports >>
PRODUCTS & RELEASES
BigID and Thales Collaborate to Deliver Comprehensive Data Protection and Privacy Compliance
Akamai Introduces Prolexic Network Cloud Firewall
CyberGRX Announces Winners of the Inaugural Cyber Risk Nation Awards
BlackBerry Extends Partnership With Managed Security Services Provider (MSSP) to Ensure SMBs are Set Up for Cyber Success
Vantage Travel Experiences Data Security Incident
Datadog's 2023 State of Application Security Report Presents Top AppSec Trends
ReliaQuest Adds AI Capabilities to GreyMatter Intelligent Analysis
NetWitness Partners With Palo Alto Networks, Broadcom to Launch SASE Packet Integrations at RSA Conference 2023
Forcepoint Delivers Data Security Everywhere, Extending DLP Policies From Endpoints to the Cloud
Dig Security Announces New Integration With CrowdStrike
Google Workspace Extends Enterprise-Grade Security and Device Management for Hybrid Work With Okta and VMware
MORE PRODUCTS & RELEASES
CURRENT ISSUE

Successfully Managing Identity in Modern Cloud and Hybrid Environments
DOWNLOAD THIS ISSUE
VIEW BACK ISSUES
Dark Reading Weekly
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA
To opt-out of any future Dark Reading Weekly Newsletter emails, please respond here.
Thoughts about this newsletter? Give us feedback.
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list:
If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.
We take your privacy very seriously. Please review our Privacy Statement.
© 2023  |  Informa Tech  |  Privacy Statement  |  Terms & Conditions  |  Contact Us