It is no secret that agencies are facing multiple challenges when it comes to meeting mandates from the White House Executive Order on Improving the Nation’s Cybersecurity. The order calls for the adoption of numerous best practices, including the implementation of a zero trust architecture (ZTA).

The global pandemic and more recent geo-political events have brought an even greater focus on the threat of cyber attacks on individuals and businesses. Even as global lockdowns and restrictions on movement have eased, many organizations have not adapted to remote or hybrid styles of work. The reality that most of the workforce now operates outside a perimeter that can be controlled creates greater opportunity for scammers, hackers and the potential for cyber attacks than ever before.

The German IT Security Act 2.0 (IT-SiG 2.0) has been in force since May 2021. Due to this new law, significantly more German companies have been classified as operators of critical infrastructures (KRITIS) than ever. This is a major cause of headaches for many managers. In addition, IT departments are starting to ask themselves: "Are we now regarded as KRITIS"? And if so, "What do we have to take into consideration?"

Egnyte recently gave a sneak peek of exciting new features and capabilities that will be incorporated into the platform in the coming months. These upgrades underscore Egnyte's commitment to helping companies control data risk, reduce IT cost and complexity, and delight end users. The latest look at the roadmap was delivered in a series of webinars as part of the summer edition of State of Egnyte.

Have you been worried about whether your deployment is secure? Are you tired of keeping track of all security vulnerabilities and vendor-provided patches to ensure that your exposure to such vulnerabilities is minimized? What about making sure that the certificates for your hundreds of forwarders, indexers, search heads and other Splunk connectors are not expired? You’re not alone!

Enterprise risk management (ERM) is a disciplined, holistic way to identify, manage, and mitigate risk throughout your entire enterprise. IT risk management (ITRM) is one subset of that effort, focused on identifying and managing risks specific to IT functions. An industry-accepted ITRM framework can help you implement an ITRM program quickly and with minimal disruption.

The Federal Risk and Authorization Management Program (FedRAMP) is meant to assure the security of cloud services used by the U.S. government. It standardizes the security assessments, authorizations, and continuous monitoring of cloud service offerings (CSOs) used by federal government agencies.

Becoming ISO 9001 compliant can be difficult. It requires those who are seeking it to be open to change, and to be able to commit to their new Quality Management System (QMS) processes and controls. Additionally, having to continuously stay compliant with the QMS can add a lot of pressure. But… the payoff is worth it.

How and why do attackers target an organization’s Active Directory (AD)? This blog, which is part 8 of the series A Practical approach to Active Directory Domain Services, will provide you with the answers. In this part, we will examine what attackers gain by compromising the AD setup. We will also look at some of the most noted means by which AD is compromised. There are two main sections to this blog.