Public key infrastructure (PKI) is a catch-all term for everything used to establish and manage public key encryption, one of the most common forms of internet encryption. It is baked into every web browser in use today to secure traffic across the public internet, but organizations can also deploy it to secure their internal communications.
DNS pioneer Paul Vixie contemplates missed opportunities for improving internet security and advocates for widespread use of DNSSEC, which he helped create, and which he believes would go a long way toward improving DNS security.
Organizations subject to the EU's General Data Protection Regulation should do regular compliance audits. Here are the steps experts say you should take.
Western Australia Police’s chief information security officer, Hai Tran has one simple piece of advice for organisations looking to reduce passwork risk: don’t use passwords.
The MITRE ATT&CK framework is a popular template for building detection and response programs. Here's what you'll find in its knowledgebase and how you can apply it to your environment.
This gives CIOs an opportunity to tap into the existing talent base already within their organisation to hone and sharpen the specific skills that gamers possess.
Opsec, which stands for operations security, is a process by which organizations assess and protect public data about themselves that could, if properly analyzed and grouped with other data by a clever adversary, reveal a bigger picture that ought to stay hidden.
Not every organization that needs a security operations center can afford to equip and staff one. A number of providers provide SOC as a service. Here's what you need to know about them.
Privacy regulations such as the GDPR and CCPA require companies to provide "reasonable security" to protect customers' personal information. Here's how you might best achieve that standard.
Apple’s 2FA iCloud system is generally very diligent about securing your account, especially when you have two devices, but it has one key flaw.