The current state of privacy laws in the USA 2020: what you need to know

Posted by:

After the introduction of the CCPA in 2018 a whole slew of states got on board the data privacy bandwagon, and it looked like there was real momentum in the direction of increased rights for citizens over their own data.  By the middle of 2019 more than a dozen states had introduced some kind of privacy bill, either from scratch or as an amendment to existing privacy laws.

So how has that turned out?

Well, if you’re an advocate for increased user ...

Read More →
0

How to evidence your way thru compliance

Posted by:

I’m not usually a fan of nouns being used as verbs.  As Calvin said to Hobbes in Bill Watterson’s wonderful comic strip, “Verbing weirds language”.

I mean, who really ‘dialogues’ with colleagues, or  ‘greenlights’ tasks for them to ‘action’? 

But there’s one denominal verb https://en.wikipedia.org/wiki/Denominal_verb (yes of course there’s a word for it) which I find myself using, and that is ‘evidencing’. This is a wonderfully concise way of saying “proving ...

Read More →
0

The Delicate OpSecs needed to secure Supply Chains

Posted by:

OPSEC is a pretty familiar term in this industry, but reviewing its fundamental meaning and what it implies for us today in our current threat landscape is a useful exercise.

After all, being able to secure our systems and information from prying eyes from the likes of cyber thieves, scammers, ransomers, and so on, is a key priority for most businesses today.

OPSEC is the term the industry uses to talk about operational security. ...

Read More →
0

Should C-level Bonuses Be Tied To Cybersecurity Posture?

Posted by:

The cybersecurity catch-22 – have you run across it? This is where, for example, you’ve found a vulnerability in a product, and you inform the affected company in a responsible way, but you never receive a response.

Or perhaps you work in the development team, and really want your employers to give you the resources you need to address a security flaw, only to see your requests shoved aside to focus on new, sexier features.

Read More →

0

Are employees really the weakest link in your cyber-defense strategy?

Posted by:

It’s been touted for awhile that people, be they employees, business partners or consultants, are the true weakness in the cyber defenses of an organization.

It is people – all with some level of access to the inner sanctum of the network – that have been a main focus for malicious agents (aka “the bad guys”).

It isn’t rocket science as to why – as technology gets more complex and savvy, it is more difficult to sneak into a system undetected from ...

Read More →
0

The Big Case for Multi-Factor Authentication: October Cybersecurity Awareness Month

Posted by:

We are steaming through October’s cybersecurity awareness month. We have talked about how ignoring the everyday scams, malware and data grabs is detrimental to individuals as well as your organization’s risk posture. In fact, passwords are still the number one attack vector. Don’t think for a moment that the password problem has gone away.

In 2017, a Verizon report stated that 95% of web application attacks take advantage of weak ...

Read More →
0

Top Five Data Breaches of Summer 2018

Posted by:

It seems that 2.6 billion records were exposed in the first half of 2018. Just to provide context, remember that there are less than 3 times that many people alive on the planet. Obviously, those records don’t represent unique users, but it goes to show the sheer scope of the problem.

And it is an expensive problem. In the U.S. the average price tag swells to $7.91 million per breach, with an average clean up time ...

Read More →
0

Top five IT security threats AND what you can do about them

Posted by:

The job of a security administrator is far more complex today than ever. Plethoras of attacks attempt to blow down your corporate doors on a daily basis. Below, we’ve outlined today’s most prevalent attacks, and provided some expert advice on how to prevent being their next victim.

 

Malware and targeted attacks

Malware has moved a long way from the viruses and worms of the 1990s, becoming ever more crafted to target specific businesses or sectors, to steal ...

Read More →
0

Cryptomining overtakes Ransomware as leading malware and cause of headaches for IT

Posted by:

According to experts, current crypto value is said to reach one trillion dollars this year. With an estimated five-to-ten million active wallets.

Take Statista, who reports the price of Bitcoin experienced an increase from about 371 U.S. dollars in January 2016 to over 13 thousand by December 2017. Also, market capitalization of Bitcoin rose from $0.04 billion in Q1 2012 to over $230 billion in Q4 2017.

Many of us would be lying if we said we hadn’t at least thought ...

Read More →
0

Petya or NotPetya – How It Spreads And What To Do About It

Posted by:

Petya or NotPetya That Is The Question

Actually, this latest ransomware outbreak is not Petya. The malware appears to share a significant amount of code with an older piece of ransomware that really was called Petya, but after the outbreak started, security researchers noticed that “the superficial resemblance is only skin deep”.
Researchers at Russia’s Kaspersky Lab redubbed the malware NotPetya, and then folks played the name game and variation like Petna, Pneytna began to spread as a result. As if that didn’t ...

Read More →
0
Page 1 of 2 12
})
SEC Cybersecurity Exams