Security news aggregator

Latest coverage for Proposal

The Proposal tag covers proposals that could shape cybersecurity policy, technical standards, incident response, and protections for digital systems.

3 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

A proposal is a documented plan for introducing, changing, or funding a security measure, policy, architecture, or project. It turns a problem or requirement into a decision by defining scope, objectives, options, cost, dependencies, owners, and implementation criteria. In security reporting, it may cover a vulnerability-remediation plan, access-control redesign, security tooling purchase, or response to a proposed technical standard.

Its security value depends on connecting identified threats and vulnerabilities to specific controls and verification steps. Reviewers should examine assumptions about assets, trust boundaries, data handling, and third parties; privacy and regulatory constraints where personal data is involved; and plans for testing, rollout, monitoring, exception handling, and reassessment. A proposal that omits residual risk, ownership, measurable acceptance criteria, or maintenance can leave weaknesses unresolved after approval.

Showing 3 most recent headlines Filtered view

CFO Manish Narula Promoted to CEO as Fate of Proposed Trustwave Merger Gets MurkyOne of the messiest public spats at a cybersecurity company in recent memory has led to the resignation of its chief executive. Erin Gan walked away from Cybereason after seemingly coming up short in his battle to wrestle control of the endpoint security vendor away from a pair of investors.

Code of Practice for Software Vendors Sets Baseline Security ExpectationsA British government proposal to strengthen software supply chain security received positive feedback from vendors who said voluntary best practices could strengthen cyber defenses. The guidelines suggest requiring multifactor authentication for developers and timely vulnerability patching.

Trend Micro Research, News and Perspectives 1 year, 4 months ago

From Event to Insight: Unpacking a B2B Business Email Compromise (BEC) Scenario

Trend Micro™ Managed XDR assisted in an investigation of a B2B BEC attack that unveiled an entangled mesh weaved by the threat actor with the help of a compromised server, ensnaring three business partners in a scheme that spanned for days. This article features investigation insights, a proposed incident timeline, and recommended security practices.