Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest News

How Will ISO 27701 and the GDPR Affect Your Organization?

Companies today face increasing pressure to implement strong cybersecurity controls. While the U.S. has no comprehensive cybersecurity law, many organizations still fall under state, international, or industry regulations. Two of the most prominent controlling publications are the General Data Protection Regulation (GDPR), and the ISO 27701 standard. One has the force of law, and the other is a guiding framework, respectively. Both of these documents apply to an increasing number of businesses.

Can We Lighten the Cybersecurity Load for Heavy Industries?

One of the biggest problems with the IT / OT convergence in critical infrastructure is that much of the legacy hardware cannot simply be patched to an acceptable compliance level. Recently, Sean Tufts, the practice director for Industrial Control Systems (ICS) and Internet of Things (IoT) security at Optiv, offered his perspectives on where the industry has been, where it is going, and some of the progress being made to secure critical infrastructure.

FTC highlights the importance of securing Log4j and software supply chain

Earlier this week, the FTC issued a warning to companies regarding the Log4j vulnerability. Given the rampant exploitation of the recently discovered vulnerabilities in this ubiquitous open source logging package, it’s encouraging to see the agency take this rare step, beginning to form a firm stance on software supply chain security. Although this increased scrutiny from the FTC may at first seem daunting, violations can be remediated with the right practices.

How to stay creatively inspired while working from home

Creativity can be fickle. One day, your brain is full of bright ideas you’re keen to jot down, develop, and share with others. The next day, you have nothing. Zilch. Not even a flicker of an idea. You suddenly feel like a world-class restaurant that’s run out of ingredients.

Clearing Security Hurdles Faster to Drive Business Forward in 2022

As organizations look to take their 2022 security concerns head-on, they need to create resilient cybersecurity programs that help them make smarter, faster, informed decisions. In our recent webinar, I had the pleasure of chatting with security professionals Mike Wilkes from SecurityScorecard, Scott Fuller from Access Health, and John Beal from St. Charles Health. They discuss the challenges they face and how their security plans for 2022 to mitigate risk across their entire ecosystem.

Why You Need an Adversary-focused Approach to Stop Cloud Breaches

It should come as little surprise that when enterprise and IT leaders turned their attention to the cloud, so did attackers. Unfortunately, the security capabilities of enterprises have not always kept up with the threat landscape. Poor visibility, management challenges and misconfigurations combine with other security and compliance issues to make protecting cloud environments a complex endeavor.

The Top Cyber Attacks of December 2021

Things tend to slow down for many businesses at the end of the year. As the holidays roll in and employees take time off with their families, December is generally a time to take stock of what transpired over the year and start looking ahead to the next one. Unfortunately, that’s not how cybercriminals operate.

Weekly Cyber Security News 07/01/2022

A selection of this week’s more interesting vulnerability disclosures and cyber security news. For a daily selection see our twitter feed at #ionCube24. What a start to 2022…. I happened to be on Twitter New Year’s Day and spotted a flurry of tweets about MS Exchange. Digging deeper it looks like a lot were firefighting a serious bug.

How to Set Up Two-Factor Authentication for SSH

One way to enhance SSH login security is by using two-factor authentication (2FA). This approach forces an administrator to self-identify with an additional security verification in addition to the local admin credentials. This tutorial guides you through setting up Google Authenticator PAM to enable 2FA for users connecting to SSH on a Linux server. We’ll use nano as our editor in examples.

Six-Figure Savings: How A Financial Institution Banked On Forward Enterprise For Massive Returns

As one large, global financial institution prepared for employees to return to the office, its IT team identified a significant issue with the company's more than 8,000 access switches. The switches in question were used to provide connectivity to IP Phones – a crucial part of people's work across virtually all areas of the company.