Conducting a regular risk assessment is an integral part of any organization’s overall risk management program — and sometimes even a legal requirement, depending on your industry, contractual obligations, or the number of persons you employ. A risk assessment is the systematic process of identifying threats or hazards in your work environment, evaluating the potential severity of those risks, and then implementing reasonable control measures to mitigate or remediate the risks.

Back in the early days of networking, many companies assigned all of the responsibilities to anyone who showed any aptitude towards operating a computer. In many companies, this was an accountant or someone else who also managed sensitive financial information. The assumption was that the person managing the corporate books was the most trustworthy person in the organization.

If you own any virtual currency, what will happen to it after you’ve passed away? Would your friends and family know what you owned? Or how to access the funds?

World Mental Health Day is recognized annually on October 10. At Detectify, we witness the fast pace of cybersecurity each day and to keep up we sometimes need to slow down. We recognize the important of mental health and this year, we asked Crowdsource hacker and founder of Haksec, Luke “Hakluke” Stephens, to share how he manages stress to avoid burnout as a cybersecurity professional.

A selection of this week’s more interesting vulnerability disclosures and cyber security news. For a daily selection see our twitter feed at #ionCube24. There was me at the early part of the week thinking not much earth shattering infosec the previous week and hoping for some excitement this week. And what happens? Yes something comes along. First being a happy day of no social media.

On Monday, October 4, 2021, Facebook suffered a prolonged outage when, during routine maintenance, all connections to their global backbone network were mistakenly taken down. More details on the cause and response to the outage are available on the Facebook blog. At Netskope, we help secure the cloud and web traffic of millions of users worldwide. In this blog post, we provide a glimpse into what the Facebook outage looked like from our perspective.

Although the typical use case of SSH is to access a remote server securely, you can also transfer files, forward local and remote ports, mount remote directories, redirect GUI, or even proxy arbitrary traffic (need I say SSH is awesome?). And this is just a small set of what’s possible with SSH.

The entitlement review definition is simple: a review of user access permissions and other rights. The goal of a user entitlement review is to ensure that each user in the IT environment has access to the data they need to do their job and nothing more — the principle of least privilege. A structured and regular entitlement review process helps mitigate security risks and protect sensitive data.

Cybersecurity Awareness Month is now in its 18th year. Hosted by the CISA and National Cybersecurity Alliance (NCSA), the event’s goal is to raise awareness about the importance of cybersecurity and to ensure all Americans have the resources they need to keep their data secure. This year, Devo is one of the 2021 champion organizations for Cybersecurity Awareness Month.

In this blog post, we outline how the campaign works and the steps organisations can take to reduce the potential risks created by this and other email-based attacks.