Security News > 2020 > March

Companies are lagging when it comes to keeping up with software security patches - causing them to fall into "Security debt," Chris Eng, chief research officer with Veracode said. "If you incorporate security in the right way, DevOps is actually a great opportunity to improve the way that you're doing software security. And so I think that's the big takeaway," said Eng.

Companies are lagging when it comes to keeping up with software security patches - causing them to fall into "Security debt," Chris Eng, chief research officer with Veracode said. "If you incorporate security in the right way, DevOps is actually a great opportunity to improve the way that you're doing software security. And so I think that's the big takeaway," said Eng.

The plug was pulled on HIMSS20 - slated to take place in Orlando, Florida March 9-13, after the latest advisory and report updates by the Centers for Disease Control and Prevention and the World Health Organization, HIMSS said in a statement issued on Thursday afternoon. HIMSS, the largest annual health IT conference, in recent years has typically attracted more than 40,000 attendees and with more than 1,300 exhibitors.

Even the most forward-looking organizations with the top security experts face risk when transitioning to the cloud. The case study will also explain how a Network Detection and Response Layer could have provided the missing visibility and detection needed to respond to such an incident.

"From a security perspective," said Javvad Malik, security awareness advocate for KnowBe4, "The first things a company should look into are whether there is enough capacity for employees to work from home at the same time. It is also important to ensure the right policies and tools are put in place to enable employees to work remotely. Not having the right tools in place can lead to employees using unapproved or insecure apps, tools, or methods to try and get their job done. Most of all, expectations should be set as to how the organization expects its employees to operate under remote conditions and how to raise any issues." A Veritas Technologies spokesperson warned, "Many employees are habitual in the way they store data, saving to local drives on laptops or to the public cloud when working remotely. If large percentages of employees shift towards remote work over time, it could create a pool of unstructured data that would become invisible to the business-causing a new wave of data protection and compliance concerns." Given how quickly the coronavirus has spread, corporations may not have had time to implement necessary protocols.

Nearly one million domains use DMARC, but only 13% of them are configured to actually prevent email spoofing, according to a report published this week by anti-phishing solutions provider Valimail. DMARC is an email authentication, policy, and reporting protocol designed to detect and prevent email spoofing.

T-Mobile US was hacked by miscreants who may have stolen some customer information. The hackers gained access to employee email accounts, which contained customer account information.

It's hard for security to be at the right place at the right time. Traditional detection measures are no match for new cloud environments, iOT and BYO devices, and complex security tools.

Even the most forward-looking organizations with the top security experts face risk when transitioning to the cloud. The case study will also explain how a Network Detection and Response Layer could have provided the missing visibility and detection needed to respond to such an incident.

A report from Atlas VPN finds that one in three Americans worries about identity theft, while only 20% are concerned about becoming a murder victim. Along with being concerned about identity theft, 72% say they are worried about having personal information stolen by hackers.