Securing the Internet of Things is an especially hot topic right now thanks to some bad botnets — and, of course, some major IoT vulnerabilities. This month the Mirai botnet waged the world’s largest DDoS attack in history against Dyn, a major domain-name server. The attack wreaked havoc across the entire internet, taking down major […]
No threat risk model (an assessment of software, network or other risks and threats) is complete without a methodology for rating threats. In an earlier article we addressed two common and simple threat risk models, both developed by Microsoft — STRIDE and DREAD — along with the more complex CVSS (Common Vulnerability Scoring System). Here […]
Threat risk modeling, which involves identifying, quantifying and addressing security risks associated with IT systems, is a big part of the job for security professionals. Fortunately, numerous threat risk models have been developed. Some are geared toward specific purposes (such as web application development), but can be adapted in other ways and for other uses. […]
Credit cards are not secure. That has been the case for a long time, and it remains the case today. It is why point-of-sale malware has been so popular among hackers and their dark Web customers, and it is why major retailers like Target, Home Depot and Michael’s, and other businesses like Anthem and Adobe […]
Insuring against cyber threats is not exactly a new concept, but most companies — two out of every three — don’t have cyber insurance policies. Despite recent headlines about major security breaches, growth in the cyber insurance market may actually be slowing. According to New York-based brokerage firm Marsh LLC, the number of cyber insurance […]
Subscribe to Cybersecurity Insider for top news, trends & analysis