At Ekran System, we take our security and the protection of our partners and customers seriously. Our commitment to delivering the best insider risk management services motivated us to align our own security posture to the current Cyber Essentials standards. We are proud to announce that we have obtained the certification!

The increasing reliance on outsourcing and cloud computing means vendors play an ever-growing role in business operations. Therefore, Vendor Risk Management is more essential now than ever before.

ESG frameworks are guidelines, metrics, and criteria that allow companies and investors to develop sustainability reporting standards and evaluate environmental, social, and governance risks. Common ESG frameworks include the Global Reporting Initiative (GRI), Carbon Disclosure Project (CDP), and Task Force on Climate-Related Financial Disclosures (TCFD). Over the last decade, ESG performance has become an important metric to evaluate an organization’s operational sustainability.

Last week, we released Splunk SOAR 6.2 (Security Orchestration Automation and Response) and in the accompanying announcement blog, we highlighted some of the new key features found in this release. Today, we want to take a more in-depth look at one of those features, logic loops, and show how they make it easier than ever for security engineers and analysts to save time and cut down on repetitive manual tasks.

Protecting intellectual property (IP) and trade secrets is critical to a company’s bottom line. Keeping IP and sensitive business-critical information within the confines of the company and its employees is not always possible, especially in the manufacturing industry. Vendors must often share previews of new products with retailers and distribution partners before release.

Even when looking at the various kinds of risks to business, cyber attacks still remain the biggest problem. But new data shows there may be a lesson to be learned to minimize losses. Aon’s Global Risk Management Survey, nearly 3,000 organizations across 61 countries were asked about sources of business risk. In the report, “Cyber Attack/Data Breach” was the #1 current risk and #1 future risk seen by organizations.

An application’s attack surface is the sum of all the areas of an application which could be attacked by malicious attackers. This includes the application’s APIs, the underlying code, supporting infrastructure, and any other components which could be compromised. The goal for any organization is to reduce the attack surface area by discovering and minimizing potential vulnerabilities.

Shifting a Flexible Single Master Operations (FSMO) role from one domain controller (DC) to another is normally done through a role transfer operation. But if the DC that holds an FSMO role experiences a serious failure that takes it out of service, you must instead seize its FSMO roles and reassign them to a functioning DC. For example, you need to seize an FSMO role if the current role holder: Important: After you seize an FSMO role from a DC, ensure that it is never reconnected to the network.

Security information and event management (SIEM) systems play a pivotal role in cybersecurity: they offer a unified solution for gathering and assessing alerts from a plethora of security tools, network structures, and software applications. Yet, the mere presence of a SIEM isn't a magic bullet. For optimal functionality, SIEM systems must be appropriately set up, governed, and supervised round-the-clock.

In the fast-paced world of cybersecurity, the recently released 2023 ISC2 Cybersecurity Workforce Study paints a bright future for the industry although significant obstacles remain including a workforce and skills gap. Conducted by ISC2, the leading nonprofit member organization for cybersecurity professionals, this study examines critical aspects of the cybersecurity landscape.