Article written by: Stephen Magnani (Senior Vice President-Office of the Chief of Information Security-Application Security Management, Citi) and Roger Young (VP, Chief Information Security Officer, Cenlar FSB)Like several key business segments,...

Article written by: Joseph Weinberg (Board Member, TimiCoin/TimiHealth) and Sean Murphy (Vice President, Chief Information Security Officer, Premera Blue) The health-care industry has long been subject to rules about the protection of patients’...

Using Technology Risk Metrics to Make Business Decisions Article written by: Eric Vanderburg (Vice President, Cybersecurity, TCDI), Koushik Subramanian (CISO - UI Labs and Director Of Manufacturing Cybersecurity - DMDII, UI LABS),...

Methods for Quantifying Technology Risk Article written by: Eric Vanderburg (Vice President, Cybersecurity, TCDI), Koushik Subramanian (CISO - UI Labs and Director Of Manufacturing Cybersecurity - DMDII, UI LABS), Vito Sardanopoli (Principal and...

Article written by: Genady Vishnevetsky (Chief Information Security Officer, Stewart Title), Cory Missimore (Assistant Manager, Information Security, Bloomberg BNA), and Bradley Schaufenbuel (CISO, Paylocity)There are no standard methods for...

Article written by: Thomas Dugas (CISO, Duquesne University) and Doug McDorman (Principal Security Architect, T-Mobile)A key task of any cyber-risk assessment is determining which technology assets are most important to the business. The most...

Article written by: Mannie Romero (Executive Director - Office of the CISO, Optiv Inc), Barbie Bigelow (Senior Vice President and CIO, Jacobs Engineering Group), and Kalpesh Doshi (CISO, FIS)Cybersecurity is no longer just an IT team function....

Article written by: Nir Yizhak (CISO & DPO, Gigya) and Antonio D’Argenio (Security Architect, Tech Data Corporation)Indentifying and quantifying cyber-risk are essential for effective risk prioritization. Risk scoring not only helps identify...

Demystifying MS17-010: Reverse Engineering the Eternal Exploits MS17-010 is the most important patch in the history of operating systems, fixing remote code execution vulnerabilities in the world of modern Windows. The ETERNAL exploits, written...

Koadic, or COM Command & Control, is a Windows post-exploitation rootkit similar to other penetration testing tools such as Meterpreter and Powershell Empire. The major difference is that Koadic does most of its operations using Windows Script Host...