Security News > 2020 > February

From buzzword to practical application, artificial intelligence quickly has made an impact in cybersecurity - particularly in the security operations center. Bryce Schroeder of ServiceNow projects how AI and automation will continue to influence SOCs - and the analyst's role.

Speaking at the RSA Conference 2020 on Thursday, security technologist Bruce Schneier called for a better cooperation between security experts and government policymakers. From education systems to election structures, society is built on conventional "Models" that made sense when they were first formed hundreds of years ago, said Schneier, a lecturer at the Harvard Kennedy School.

In interviews at RSA 2020, former Department of Homeland Security Secretary Michael Chertoff and Andy Purdy, CSO for Huawei USA, offer different points of view on 5G security. With the U.S. late to the 5G race, Chertoff says that America needs to work more closely with its allies and telecom equipment makers in Europe and Asia to make next-generation technology that competes with equipment from China's Huawei more price competitive as well as improve security.

For years, Humble Bundle has been selling great books at a "Pay what you can afford" model. This month, they're featuring as many as nineteen cybersecurity books for as little as $1, including four of mine.

A serious vulnerability affecting Apache Tomcat can be exploited to read files from a server and in some cases even to achieve remote code execution. Chaitin says the vulnerability is related to the Apache JServ Protocol protocol, which is designed to improve performance by proxying inbound requests from a web server through to an application server.

Scott Matteson: How are organizations misusing their firewalls? Matt Glenn: The first thing organizations need to do is recognize that firewalls can help with many security challenges, but they should not be used to solve everything.

Always stay alert to potential security attacks on mobile devices. Aaron Turner, president and chief security officer of Highside, a distributed identity and secure collaboration technology company, said hardened Android devices are preferred over iOS devices, because iOS devices rely on a single-point-of-failure security model and don't allow users to select which encryption roots their device trusts.

In interviews at RSA 2020, former Department of Homeland Security Secretary Michael Chertoff and Andy Purdy, CSO for Huawei USA, offer different points of view on 5G security. With the U.S. late to the 5G race, Chertoff says that America needs to work more closely with its allies and telecom equipment makers in Europe and Asia to make next-generation technology that competes with equipment from China's Huawei more price competitive as well as improve security.

At the RSA security conference in San Francisco on Tuesday, Google's security and anti-abuse research lead Elie Bursztein will present findings on how the new deep-learning scanner for documents is faring against the 300 billion attachments it has to process each week. It's challenging to tell the difference between legitimate documents in all their infinite variations and those that have specifically been manipulated to conceal something dangerous.

Threat intelligence and visualization technology can play huge roles in improving vulnerability management. Mieng Lim of Digital Defense outlines the potential benefits.