With the cost of a data breach at an all-time high of $4.35 million and regulations worldwide imposing steeper penalties for compliance failures, organizations must ensure that they have all necessary security controls in place to keep their data safe. Implementing the CIS Controls provides a sound foundation for effective defense against cyber threats First developed in 2008, the CIS Controls are updated periodically in response to the evolution of both technologies and the threat landscape.

I know many will read this title and think that I am crazy. If I am compliant with NIST, HIPAA, ISO, PCI, etc., then I am running a secure network. And to a point that is true. But let’s look at it this way. If you are driving down the interstate at the posted speed limit and are keeping three car lengths between the driver in front of you, are you truly safe and secure on the interstate?

Ever heard of pretexting? And no, we’re not talking about when you first carefully draft a risky text message before sending it! Pretexting is a sneaky and highly effective form of social engineering that attackers use to dupe people into sharing their personal information.

The Covid-19 pandemic caused a seismic shift in remote working practices. Before the pandemic, 34% of US employees worked remotely at least one day a week. Now, as we emerge from the pandemic, 35% of Americans work from home full-time — with a further 23% able to work remotely part-time. This equates to approximately 92 million remote workers in the US alone. But this rise in remote working is causing significant corporate cybersecurity issues.

In theory, modern web frameworks provide secure ways of accessing databases, making SQL injections a non-issue. The reality looks much different. Among other injection vulnerabilities, SQL injections are still atop the OWASP Top 10, and organizations still frequently fall victim. Therefore there is no way around software security testing solutions that can reliably detect SQL injections.

IHG Hotels & Resorts, the hotel group that owns the Holiday Inn and Intercontinental brands, experienced a cyber attack in the first week of September. The attack has impacted the central hotel’s booking system and mobile apps, causing a service outage for several days. Loyalty program members could not log in or create new bookings during this time.

Security operations professionals are constantly being pushed to the edge of their capacities. They’re dealing with endless manual processes and managing tasks sequentially, because of the limitations of their security tools and options. They’ve dreamed of being able to execute more tasks simultaneously to quickly enrich, analyze, contain, and resolve security threats. Today, Torq is proud to introduce Parallel Execution, which makes those capabilities a reality.

In today’s business climate, more companies are looking for ways to enable their employees to work remotely. While this can certainly have its benefits, it also presents a unique set of challenges – not the least of which is how to keep your data secure. That’s where multi-factor authentication (MFA) comes in.