For too long, code writers have been measured on the features built into their applications - not the potential security vulnerabilities. It's time to change that perspective, says Maty Siman of Checkmarx.
When it comes to DDoS attacks, the hacktivists get all the headlines, but there is a robust service industry behind the scenes, supporting these sophisticated strikes, says Darren Anstee of Arbor Networks.
DDoS attacks have grown in sophistication. But so have organizations' dependencies on the services disrupted by DDoS, says Corero's Ashley Stephenson. How should security leaders respond to protect their critical services?
Organizations across all industry sectors understand the importance of information security. But turning security awareness into meaningful action - that's the challenge that many midsized entities face, says Sophos' Nick Bray.
"If you're not doing the right things on managing vulnerabilities, it doesn't really matter what other kinds of sophisticated things you do - that's the baseline for security," says BeyondTrust's Marc Maiffret.
Business associate agreements should not be a dumping ground for healthcare entities to make demands on their vendors with provisions that go beyond specific HIPAA privacy and security regulations, says attorney Gerry Hinkley.