Cloud Access Security Brokers (CASB), also known as Cloud Security Gateways, were created to address the increasing cloud security problems facing organizations as cloud and application usage increased over the last decade.

If you’re like most of the complex IT shops we talk with, you probably don’t even have a current security matrix to store anywhere – file cabinet or data folder. The connectivity matrix is essentially the company security posture, but almost no one has a comprehensive way to visualize and easily understand the connectivity status between the various configured security policies (zone-to-zone policies).

Looking to become certified to the ISO 27001 standard? In this article you will learn what ISO 27001 is, the key terms and definitions, information security risks you need to consider, and the process for meeting your compliance and certification requirements.

On its surface, CVE-2021-42292 doesn’t look like the kind of vulnerability that a network-based tool can find reliably. Marked by Microsoft as a local file format vulnerability, security veterans would expect that between encryption and encoding, there would be a million different ways to evade network detection with a weaponized exploit.

The Open Web Application Security Project (aka OWASP) recently announced its latest updates to the venerable OWASP Top Ten list. This publication is meant to bring attention to the most common classes of software-related security issues facing developers and organizations in the hopes of helping them to better plan for and address potential high-severity issues in their codebases.

Like other organizations that are adopting a permanent hybrid or remote-first work environment, Lookout is using our Secure Access Services Edge (SASE) platform to implement cybersecurity that is not tied to the physical office spaces where employees used to work. SASE is a security framework defined by Gartner that has been adopted by many organizations to enable intelligent Zero-Trust access from anywhere without hindering productivity.

In my previous post, I discussed some of the most common types of services offered by managed service providers (MSPs). This brings us to what organizations need to do to prepare to work with an MSP. Here are some considerations to keep in mind.

Today’s cyber threat landscape is extremely challenging. Ransom this, ransom that, ransom everywhere – information technology (IT) professionals must work to protect organizations against the next big ransomware attack. Over the years, the sophistication of ransomware attacks has increased as well as the amount of money demanded and paid out in exchange for the ransom-held information.

Nearly all U.S. executives (98%) report that their organizations experienced at least one cyber event in the past year, compared to a slightly lower rate of 84% in non-U.S. executives, according to Deloitte’s 2021 Future of Cyber Survey. Further, COVID-19 pandemic disruption led to increased cyber threats to U.S. executives’ organizations (86%) at a considerably higher rate than non-U.S. executives experienced (63%). Yet, 14% of U.S.

Protecting sensitive data with multi-factor authentication (MFA) has become a requirement for cyber insurance policies. Recent attacks (SolarWinds, Colonial Pipeline, Kaseya) and mandates like the White House’s Executive Order to implement MFA in 180 days or less, are proving that identity and password-related vulnerabilities are a top security threat, and one where you can lose a lot of money.