Isn’t it time we talk seriously about a nation-wide Privacy Act?

Posted by:

Would you be surprised if someone told you that they felt even less secure online today, compared to five years ago? 

All we hear about are big companies screwing up and losing user data

Nah. Me neither. As reports Mitchell Noordyke from iapp, “state level momentum for comprehensive privacy bills is at an all time high. 

One of the hot topics now is whether the United States, Like the EU, ...

Read More →
0

The ins and outs of single sign on

Posted by:

With many technology and security events, such as Infosecurity Europe 2019, being in full swing, a number of tech goliaths are making some pretty bold statements.

It seems that the tectonic plates making up the technology landscape are indeed shifting, but it is anyone’s speculation to envision the end result…yet.

The biggest one by far this week was Apple announcing its plans to develop an Apple ID as an authenticator for online products and services.

So many of us ...

Read More →
0

The Delicate OpSecs needed to secure Supply Chains

Posted by:

OPSEC is a pretty familiar term in this industry, but reviewing its fundamental meaning and what it implies for us today in our current threat landscape is a useful exercise.

After all, being able to secure our systems and information from prying eyes from the likes of cyber thieves, scammers, ransomers, and so on, is a key priority for most businesses today.

OPSEC is the term the industry uses to talk about operational security. ...

Read More →
0

DevSecOps: an intro on why you need it

Posted by:

We’ve pulled together an FAQ on DevSecOps, so you can give some thought on whether this approach might be beneficial in your organization. We hope it’s useful.

What is DevSecOps?

The concept evolved from its predecessor DevOps, a portmanteau for Development and IT Operations (Dev + Ops). I have also heard it referred to as “Agile on steroids”. The idea is simple: it bridges the gap between development and IT teams through collaboration to reduce project ...

Read More →
1

Should C-level Bonuses Be Tied To Cybersecurity Posture?

Posted by:

The cybersecurity catch-22 – have you run across it? This is where, for example, you’ve found a vulnerability in a product, and you inform the affected company in a responsible way, but you never receive a response.

Or perhaps you work in the development team, and really want your employers to give you the resources you need to address a security flaw, only to see your requests shoved aside to focus on new, sexier features.

Read More →

0

2019: What to expect in cybersecurity this year

Posted by:

Another year is upon us. 2018 was a cyber rollercoaster with massive internet scandals and data breaches.  With that in mind there are a number of IT security topics that should be top of mind for 2019.

Take a look at a few we’ve identified…

Security by Design

We expect to see a greater focus on baked-in security, be this in application development, or in IT and company strategies. In 2018, with the enforcement of Europe’s data ...

Read More →
0

The Big Case for Multi-Factor Authentication: October Cybersecurity Awareness Month

Posted by:

We are steaming through October’s cybersecurity awareness month. We have talked about how ignoring the everyday scams, malware and data grabs is detrimental to individuals as well as your organization’s risk posture. In fact, passwords are still the number one attack vector. Don’t think for a moment that the password problem has gone away.

In 2017, a Verizon report stated that 95% of web application attacks take advantage of weak ...

Read More →
0

Top Five Data Breaches of Summer 2018

Posted by:

It seems that 2.6 billion records were exposed in the first half of 2018. Just to provide context, remember that there are less than 3 times that many people alive on the planet. Obviously, those records don’t represent unique users, but it goes to show the sheer scope of the problem.

And it is an expensive problem. In the U.S. the average price tag swells to $7.91 million per breach, with an average clean up time ...

Read More →
0

Blockchain – not just for cryptocurrencies, and not guaranteed secure

Posted by:

Blockchain continues to be widely promoted as a panacea set to revolutionize the internet, cut out all manner of middle-men and lead us to a new, simpler, safer world.

In the minds of most everyday folks (at least, those who are aware of it at all), it remains closely tied to Bitcoin and other cryptocurrencies, while even those who have heard about its wider applications tend to consider it super-secure by default.

But both these assumptions are on very shaky ground: it ...

Read More →
0

Yes, the passwords users choose *really* matters

Posted by:

Earlier this month, we celebrated that little-known tribute day known as World Password Day.

Responsible security organizations should use this opportunity to share best practice advice to help people understand just how darn easy it is for fraudsters to cause havoc if they can access privileged accounts authorized to change, edit and delete files, settings, apps or data.

Sadly, it seems that it is also a day where marketing people, who might be less au fait with cybersecurity, ...

Read More →
0
Page 1 of 6 12345...»
})
SEC Cybersecurity Exams