DDoS attacks have grown in sophistication. But so have organizations' dependencies on the services disrupted by DDoS, says Corero's Ashley Stephenson. How should security leaders respond to protect their critical services?
When it comes to DDoS attacks, the hacktivists get all the headlines, but there is a robust service industry behind the scenes, supporting these sophisticated strikes, says Darren Anstee of Arbor Networks.
Organizations across all industry sectors understand the importance of information security. But turning security awareness into meaningful action - that's the challenge that many midsized entities face, says Sophos' Nick Bray.
A new voluntary security and privacy certification program for covered entities in Texas aims to bolster compliance with HIPAA and state regulations, prevent breaches - and perhaps help organizations avoid federal sanctions.
"If you're not doing the right things on managing vulnerabilities, it doesn't really matter what other kinds of sophisticated things you do - that's the baseline for security," says BeyondTrust's Marc Maiffret.
Business associate agreements should not be a dumping ground for healthcare entities to make demands on their vendors with provisions that go beyond specific HIPAA privacy and security regulations, says attorney Gerry Hinkley.
The fact that the U.S. federal government would, under some circumstances, exploit software vulnerabilities to attack cyber-adversaries didn't perturb a number of IT security providers attending the 2014 Infosecurity Europe conference in London.