Are employees really the weakest link in your cyber-defense strategy?

Posted by:

It’s been touted for awhile that people, be they employees, business partners or consultants, are the true weakness in the cyber defenses of an organization.

It is people – all with some level of access to the inner sanctum of the network – that have been a main focus for malicious agents (aka “the bad guys”).

It isn’t rocket science as to why – as technology gets more complex and savvy, it is more difficult to sneak into a system undetected from ...

Read More →
0

Will blockchain transform supply chain management?

Posted by:

Just as no man is an island, no business operates entirely on its own. We all have a supply chain, a support network of businesses providing the products and services we rely on to get our own work done.

This supply chain has always been a major risk point for businesses – we count on our suppliers to get their work done to standard and on time, but also to protect our interests, and in many cases our data and that ...

Read More →
0

Pen Tests and Red Teams are NOT the same

Posted by:

So the other day, I was debating the ins and outs of a cyber strategy to protect a network. At one point, my learned friend scoffed at me, saying I was splitting hairs – that there was essentially no difference between “red teaming” and penetration testing.

I respectfully disagreed, and here’s why:

Actually, let’s first admit that they do have one thing is common. They both are key to a holistic defense strategy, but they should not be conflated.

Let’s define what we ...

Read More →
0

Penetration Tests: Why It Stops Trouble Before It’s Too Late

Posted by:

No matter what kind of company you work in, if it has online assets – like a web store or site, or databases containing sensitive information like business strategies, financials, or customer info – you face a dilemma: how do I stop unauthorized users from entering restricted systems and accessing files, yet ensure seamless accessibility to my users?

There are of course countless approaches to this problem, usually including layers of security, powerful software and enforced policies. Now, even in big ...

Read More →
0

The Big Case for Multi-Factor Authentication: October Cybersecurity Awareness Month

Posted by:

We are steaming through October’s cybersecurity awareness month. We have talked about how ignoring the everyday scams, malware and data grabs is detrimental to individuals as well as your organization’s risk posture. In fact, passwords are still the number one attack vector. Don’t think for a moment that the password problem has gone away.

In 2017, a Verizon report stated that 95% of web application attacks take advantage of weak ...

Read More →
0

Top Five Data Breaches of Summer 2018

Posted by:

It seems that 2.6 billion records were exposed in the first half of 2018. Just to provide context, remember that there are less than 3 times that many people alive on the planet. Obviously, those records don’t represent unique users, but it goes to show the sheer scope of the problem.

And it is an expensive problem. In the U.S. the average price tag swells to $7.91 million per breach, with an average clean up time ...

Read More →
0

Top five IT security threats AND what you can do about them

Posted by:

The job of a security administrator is far more complex today than ever. Plethoras of attacks attempt to blow down your corporate doors on a daily basis. Below, we’ve outlined today’s most prevalent attacks, and provided some expert advice on how to prevent being their next victim.

 

Malware and targeted attacks

Malware has moved a long way from the viruses and worms of the 1990s, becoming ever more crafted to target specific businesses or sectors, to steal ...

Read More →
0

Supply Chain attacks: 80% of senior IT professionals say it’s fastest growing cyberthreat

Posted by:

Earlier this year, we wrote about supply chain risk, warning organizations to be more wary, especially since GDPR has come into full effect. That said, GDPR is by no means the only privacy regulation out there (consider Massachusetts’ CMR 17.00  or California’s 2018 Consumer Privacy Act. No longer can we assume little to no liability when it comes to third party processing or handling of sensitive data.

Read More →

0

Cryptomining overtakes Ransomware as leading malware and cause of headaches for IT

Posted by:

According to experts, current crypto value is said to reach one trillion dollars this year. With an estimated five-to-ten million active wallets.

Take Statista, who reports the price of Bitcoin experienced an increase from about 371 U.S. dollars in January 2016 to over 13 thousand by December 2017. Also, market capitalization of Bitcoin rose from $0.04 billion in Q1 2012 to over $230 billion in Q4 2017.

Many of us would be lying if we said we hadn’t at least thought ...

Read More →
0

U.S. and China trade wars: What’s the likely impact on information security?

Posted by:

Image courtesy of the Los Angeles Daily News

The U.S. political landscape is shifting dramatically, and no one knows what this shake out will uncover. For better or worse, it is certainly rocking the boat for U.S. residents, but changes are afoot for other global entities as well.

One of these entities is China.

According to media reports as recent as yesterday, China says it is “fully prepared” for a trade war with the U.S.

This coming ...

Read More →
0
Page 1 of 7 12345...»
})
SEC Cybersecurity Exams