Security Trends 

Cyber War Is Hell

Think cyber war is bad now? It is only going to get worse – much worse -- says security expert Bruce Schneier.

Will Red Hat Enter the Security Market?

VIDEO: Red Hat CEO Jim Whitehurst discusses the role that security plays at the Linux vendor and whether it's a business he plans on entering with a new product.

Can Data Infrastructure Vendors Stop Hackers?

A group of prominent technology vendors are teaming to offer a highly secure data infrastructure built on Security-Enhanced Linux.

Startup Spotlight: Prelert's Anomaly Detection

Prelert first sold its anomaly detection technology to IT operations teams – but then customers begged them to create similar products for enterprise security.

Why Is Fighting Cybercrime So Hard?

It's tough to target the few hundred super hackers that experts believe are behind the majority of cyber attacks.

Fighting Insider Attacks Is Tough: Survey

Only 21 percent of respondents continuously monitor user behavior to thwart insider attacks, finds a Crowd Research Partners survey.

Cloud Storage's Data Loss Prevention Problem

Nearly 18 percent of files in enterprise-approved apps violate DLP policies, finds a Netskope study. The worst offender: cloud storage apps.

Microsoft Wants to Fix Cloud Security's 'Trust Problem'

Microsoft Research could revolutionize cloud security with nascent solutions based on Intel technology.

Mobile Apps Live On, Wreak Security Havoc

While enterprise security teams fret about mobile malware, dead and stale apps on users' devices pose a far greater mobile security threat, finds an Appthority report.

Which Web Application Security Best Practice Really Matters?

Organizations want to build more secure Web applications, but they are having trouble identifying development best practices that really make a difference.

Bringing Secure Boot to the Core of Containers [VIDEO]

VIDEO: Matthew Garrett, principal security engineer at CoreOS, discusses his efforts to bring a root of trust from bare metal all the way to the operating system level.

Static Analysis Can 'Score' Software Security

Static analysis can be even more effective in improving software security if it is used to create quality metrics.

Why Isn't User Training a Security Priority?

Only about half of companies offer any kind of security training, a CompTIA survey found.

The Millennial Security Risk

Millennials more likely than their baby boomer counterparts to engage in risky security behavior, report finds.

TapLink Rethinks Password Security with Blind Hashing

Passwords are often a weak security link but they don't have to be, says security startup TapLink.

Making Credit Cards Unhackable

Credit card credentials are easy to obtain and difficult to secure. An unhackable credit card could be on the horizon, thanks to technology based on quantum computing.

76 Percent of Organizations Breached in 2014

QuinStreet Enterprise research outlines the scope of security challenges facing enterprises today.

Startup Spotlight: Prevoty's Application Security

Despite the growing importance of applications, the application layer is a "black hole" of enterprise security, says company's co-founder.

Google, Facebook and Microsoft on Data Privacy

Data privacy should be integrated at the beginning of product development process, tech titans agree.

IoT 'Security Hopscotch' Is No Game: Chris Roberts

Chris Roberts, in hot water after tweeting about a hack into a plane's WiFi system, describes another theoretical attack, this one against an Internet-connected appliance.

What Bruce Schneier Learned from the Sony Breach

Bruce Schneier provides guidance for organizations in the post-Sony breach world.

Cryptographer Panel Slams Government Key Escrow Idea

Experts on a cryptography panel at the RSA conference reject the idea of the U.S. government holding encryption keys.

Little Change in Security Workforce Challenges, Study Finds

Another big IT security firm finds a shortage of skilled infosec pros, again.

Manual Penetration Testing Still Crucial to Smart App Development

With automated security testing, you do not need manual penetration testing when developing apps, right? Wrong!

10 Trickiest Mobile Security Threats

Mobile apps are popular with knowledge workers and hackers alike. Which 10 mobile threats are the most problematic for security pros?