Sign up for our weekly newsletter!
REGISTER NOW
Joe Stanganelli
Latest Content
IoE: The Internet of Espionage
Joe Stanganelli  
4/12/2019   1 comment
As employees live their lives across an increasingly IoT-enabled landscape (with devices often installed discreetly and with hidden functionalities), enterprise security is threatened by outside factors it cannot control.
5 Years of the NIST Cybersecurity Framework
Joe Stanganelli  
3/26/2019   1 comment
With NIST celebrating the five-year anniversary of its widely adopted and recommended Cybersecurity Framework just last month, a look back over the years illustrates how far the Framework has come.
Jackson County Still Recovering After Paying Ryuk Ransom
Joe Stanganelli  
3/21/2019   2 comments
Radio silence after reports of a headline-snagging ransomware payment in Jackson County, Ga., presents a possible case study in the pros and cons of paying ransomware attackers.
Endpoint-Security Companies in High Demand for Buyouts, Partnerships
Joe Stanganelli  
2/28/2019   21 comments
Since last year, endpoint-protection firms have been among the biggest movers and shakers in the cybersecurity realm – with the endpoint-security market seeing more than a typical share of acquisitions and strategic partnerships. Joe Stanganelli takes a look at why this might be happening.
Digital Transformation With IoT: Assessing Risk Through Standards & Visibility
Joe Stanganelli  
2/27/2019   19 comments
IoT transformation is a gift and a curse that carries both business agility and business risk. As the world digitally transforms into something "smarter" than itself, IoT devices proliferate, demanding a lot of resources to keep up with them all – and, by extension, secure them all.
Digital Transformation With Cloud: Answering Risks With Algorithms
Joe Stanganelli  
2/20/2019   8 comments
Cloud projects are big. Huge. So it's not perpetuating FUD to point out that cloud transformation still bears security and data-stewardship risks. But what appears too big a challenge for mere man might be no match for machine.
Take White Hats Seriously to Staunch the Flow of Zero-Days
Joe Stanganelli  
2/19/2019   10 comments
Zero-day vulnerabilities are serious, and on the rise. And IT-security teams make the problem worse when they fail to respond, or respond poorly, to responsible vulnerability disclosures.
Six Large Data Dumps Add Fuel to Collection #1's Fire
Joe Stanganelli  
2/12/2019   Post a comment
Collection #1 was just the beginning. Researchers at Recorded Future have uncovered six more dark-web data dumps to complete the set — and possibly hint at even more password databases circulating.
Google's GDPR Fine: What It Means for Jurisdictional Arbitrage
Joe Stanganelli  
2/7/2019   1 comment
In the wake of France's recent €50 million GDPR fine against Google, enterprises should consider GDPR-enforcement considerations when determining the base of their EU operations.
UAE's Cyberwar on Civilians Employed Former US Intelligence Operatives
Joe Stanganelli  
2/1/2019   4 comments
A recent exposé about a surveillance program in the United Arab Emirates raises uncomfortable questions about cyberwarfare and US intelligence officers.
Should All IAM Be CIAM?
Joe Stanganelli  
1/30/2019   6 comments
CIAM vendors are right that traditional IAM isn't going to cut it for customer-facing solutions – but their sound premises have led to the perverse conclusion of keeping in-house IAM systems suboptimal. What if the power of CIAM could help employees realize better usability and security too?
US Air Force: 5G Dominance Critical to National Security
Joe Stanganelli  
1/7/2019   1 comment
In a November 2018 report, the US Air Force's Electromagnetic Defense Task Force ranks control of 5G networks and spectrum as a top priority for national security in the event of a substantial electromagnetic disturbance.
GDPR Fines: Some Bark, Little Bite
Joe Stanganelli  
12/3/2018   6 comments
As Security Now says 'Happy Halfiversary' to GDPR, we take a look at what few GDPR fines and other DPA orders and guidance have been made public over the past six months.
GDPR Presents New Challenges in Backup & Disaster Recovery Management
Joe Stanganelli  
11/23/2018   3 comments
GDPR applies not only to primary systems, but also to backup and recovery systems. Cloud storage, combined with a modicum of common sense, may prove essential to helping with GDPR compliance for these systems.
Living With Compromised Technology Supply Chains in a Post-Supermicro World
Joe Stanganelli  
10/15/2018   2 comments
In the wake of Bloomberg's jarring exposé on tainted motherboards from mega-manufacturer Supermicro, practical questions remain for enterprise organizations on how they can cope with the scary prospect of compromised hardware.
iOS 12: How Apple Keeps Getting Mobile Security Wrong
Joe Stanganelli  
9/25/2018   Post a comment
Are iOS updates for suckers? Apple's iOS 12 may represent the latest in a series of flawed releases that could compound user mistrust – further training the company's users to delay updates and patches.
California Looks to Pass Rudimentary IoT Security Legislation
Joe Stanganelli  
9/19/2018   2 comments
A California bill specific to IoT cybersecurity measures sits on Gov. Jerry Brown's desk, ready for him to sign it into law. The wording and limits of the law, however, leaves questions as to just how big an effect it will have.
Lock Up Your Laptops: Cold Boot Attacks Are Back
Joe Stanganelli  
9/14/2018   Post a comment
Researchers at F-Secure have developed a workaround to nullify the popular ten-year-old patch that was thought to have solved the problem of cold-boot attacks. Encryption keys and other sensitive data on millions of laptops could be affected.
IAM Heads to the Mobile Cloud
Joe Stanganelli  
8/16/2018   Post a comment
Persisting problems with identity and access management combined with usability demands are influencing the IAM market. But will enterprise IT step up its IAM game?
DHS: Millions of Smartphones Infected With Severe Embedded Vulnerabilities
Joe Stanganelli  
8/14/2018   Post a comment
Research from DHS revealed this past week seems to demonstrate that millions of smartphones have deep vulnerabilities allowing for privilege escalation and complete takeover.
California's CCPA Law: Why CISOs Need to Take Heed
Joe Stanganelli  
7/26/2018   1 comment
The recently enacted California Consumer Privacy Act, while hardly a sweeping reform of the state's privacy laws, changes the playing field for IT risk and liability where California residents' personal information is concerned.
Seamless Cloud Security Depends on Encryption Done Right
Joe Stanganelli  
7/2/2018   3 comments
As the enterprise shift to the cloud, there's a debate about what's best for securing data as it moves from one platform to another. A Boston startup is looking to encrypt data in motion and at rest, and this could be the next big trend.
Is Florida Really Such a Cybersecurity Risk?
Joe Stanganelli  
6/18/2018   1 comment
In the wake of a personal-security research report declaring Florida to have the highest level of cybersecurity-risk in the US, a closer look suggests this finding may be neither the most reliable nor the most compelling.
Invisible Network Attacks: Good Encryption vs. Bad Encryption
Joe Stanganelli  
6/4/2018   2 comments
Enterprise IT networks represent an encrypted two-way street; just as encryption is a critical defensive measure, network attackers are increasingly relying upon encrypting the malicious network traffic that they send out so as to mask their do-baddery.
Hands-Off Security: Automating & Virtualizing the Enterprise Network
Joe Stanganelli  
5/31/2018   8 comments
A series of recent tech events demonstrate that enterprises are increasingly using virtualized automation to improve their network-security posture – but perhaps no tool is perfect.
Endpoint Security: 3 Big Obstacles to Overcome
Joe Stanganelli  
4/17/2018   Post a comment
Two recent reports highlight three major challenges in enterprise endpoint security.
Data Breach Increase Shows Endpoints Are Under Attack
Joe Stanganelli  
4/16/2018   5 comments
The stats and factoids from the latest edition of Verizon's annual Data Breach Investigation Report make clear enterprise endpoints have been far too vulnerable and that explains why data breaches are on the rise.
GDPR, AI & a New Age of Consent for Enterprises
Joe Stanganelli  
3/30/2018   2 comments
Despite compliance worries under GDPR, obtaining necessary consent for AI and machine learning processing of personal data is far from impossible.
Cybersecurity AI: Addressing the 'Artificial' Talent Shortage
Joe Stanganelli  
3/23/2018   Post a comment
As AI becomes increasingly important to cybersecurity, industry's complaints on the talent shortages in both areas have become louder. However, is there really a lack of qualified experts?




Latest Articles
Equipment at a nuclear power plant in Ukraine was used to mine cryptocurrency.
Why NRDs should matter to the security community.
Some startups need to shape up or ship out.
Hardware for security may just get hot.
There is a protocol in Windows that has been around since the days of Windows XP, which has been found to be insecure.
Flash Poll
Video
In a wide-ranging interview, Cisco security boss Gee Rittenhouse talks about how machine learning, AI, blockchain and other emerging technologies ...
CloudPassage's new technology, called Container Secure, involves a five-step process to ensure seamless security in container deployments from the ...
You can't so much as go to a coffee shop today without hearing the word 'blockchain.' Hearing about a useful blockchain is less common, but ...
Last year, 60 million companies changed owners worldwide. That turnover makes it incredibly difficult to avoid doing business with entities (e.g., ...
Keith Furst of Data Derivatives interviews Daniel Wagner, author of a new book, Virtual Terror: 21st Century Cyber Warfare. They discuss the ways ...
All Videos
Sponsored Video
Sage Wagner, senior security pre-sales engineer with RiskSense, provides a demo of the company's latest technology 'RiskSense Solution,' a ...
Janus Technologies is launching a line of products that protect against the many threats to enterprises' sensitive data. David Schultz, vice ...
This new video will inspire companies to reimagine their business for success in a world where connectivity is more than a commodity. Sponsored Video
All Videos
Radio Shows
like us on facebook
Security Now
About Us     Contact Us     Help     Register     Events     Supporting Partners     Twitter     Facebook     RSS
Copyright © 2019 Light Reading, part of Informa Tech,
a division of Informa PLC. All rights reserved. Privacy Policy | Cookie Policy | Terms of Use
in partnership with