Photo by BENCE BOROS on Unsplash Welcome to the world of Internet of Things (IoT) and a glimpse into the future. The IoT is where the physical world merges with the digital world. Soon, we expect the world IoT population to outnumber the human population tenfold—perhaps as many as 80 billion connected devices by 2025.
Like storytelling, data visualization can be used to provide a narrative about your organization’s cybersecurity posture. Cybersecurity is never a single thing; it is an amalgamation of an often growing list of issues that never seem to end. So in order to make some sense of what it means for the health of your organization, I am combining several metrics to define a singular one—cybersecurity posture—in a visual manner.
Ransomware is a type of malicious software, or malware, designed to deny access to a computer system or data until ransom is paid. Ransomware spreads through phishing emails, malvertising, visiting infected websites or by exploiting vulnerabilities. Ransomware attacks cause downtime, data leaks, intellectual property theft and data breaches. Ransom payment amounts range from a few hundred to hundreds of thousands of dollars. Payable in cryptocurrencies like Bitcoin.
An information security policy (ISP) is a set of rules, policies and procedures designed to ensure all users and networks within an organization meet minimum IT security and data protection security requirements. ISPs should address all data, programs, systems, facilities, infrastructure, users, third-parties and fourth-parties of an organization.
Just a few years ago, most IT environments were made up of deployed servers on which personnel installed applications, oftentimes as many as that one system could handle. They then remained and ran that way for years. In the meantime, the IT team maintained the system and updated the applications as needed. Sometimes there were test versions of those systems, but this wasn’t often. Even then, the OS often didn’t match the production version of the same system.
As of today, no laws or regulations, even the latest version of PCI-DSS, HIPAA, and HITECH, do not make network segmentation or micro-segmentation compulsory to comply with the rule. By making network segmentation discretionary -- even when transmitting, processing, or storing regulated data, the number of breaches will continue to rise as companies err on the side of doing less with more.
SIEM deployment process can be rather involved and overwhelming since SIEM can offer a wide array of solutions for different needs of your organization. In this blog post, we discussed the deployment process of SIEM and added a brief checklist. SIEM tools have been one of the most topical tools in the industry for a while now. They offer a wide range of solutions to organizations from various backgrounds and sectors.
Aviation is a component of critical infrastructure that is comprised of a complex web of public and private organizations relying on millions of assets to move people and cargo around the world. The industry supports countless critical functions such as emergency response, community access, agricultural support, passenger services, national security, law enforcement, border security, intermodal connections to rail and shipping, and much more.
Information security is an exciting and rapidly growing field for individuals who are interested in protecting users and their data. In an effort to map out the industry as a possible career choice, we recently conducted research into the top 10 infosec jobs based on overall pay grade. We now continue with the second part of our two-part series.
