The Cybersecurity Canon – American Kingpin: The Epic Hunt for the Criminal Mastermind Behind the Silk Road

We modeled the Cybersecurity Canon after the Baseball or Rock & Roll Hall-of-Fame, except for cybersecurity books. We have more than 25 books on the initial candidate list, but we are soliciting help from the cybersecurity community to increase the number to be much more than that. Please write a review and nominate your favorite.  The Cybersecurity Canon [...]

World Economic Forum Report Reinforces Rising Prominence of Cybersecurity

The recent Global Risks Report by the World Economic Forum offers the latest evidence that cybersecurity is rising among the top global risks. Cyberattacks are now the global risk of highest concern to business leaders in advanced economies. This reflects the inability of enterprises to keep pace with today’s challenging threat landscape, and points to an urgent [...]

Introducing ISACA’s GDPR Implementation Guide

The purpose of the General Data Privacy Regulation (GDPR) is to harmonize the data privacy regulations that each European Union member state implemented to comply with GDPR’s predecessor. GDPR provides a single, comprehensive regulation that is compulsory for all organizations processing the personal data of individuals living within the European Union. The regulation becomes enforceable [...]

Nine Myths of Account Takeover

Account takeover attacks are a nearly invisible tactic for conducting cyber espionage. Because these breaches can take months or years to detect, we are slowly discovering that this attack vector is much more common than we thought. The more we learn about new methodologies, the more we realize just how misunderstood account takeover attacks can [...]

Unveiling Magnifier Behavioral Analytics: Rapidly Hunt Down and Stop the Stealthiest Network Threats

At Palo Alto Networks, we constantly seek out new ways to achieve our mission to protect our way of life in the digital age by preventing successful cyberattacks. We analyze all the steps threat actors take to carry out their attacks and systematically add new protections to disrupt each step. By blocking threat actors’ every [...]

Meltdown/Spectre: Not Patching is Not an Option

The most prominent data security events of 2017, such as WannaCry and Equifax, were direct results of poor patching practices. Now, 2018 is off to a menacing start with disclosure of two hardware vulnerabilities affecting most modern microprocessors and requiring a number of patches on several levels of defenses. To clarify, Meltdown is a vulnerability [...]