Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Security

Splunk and Zscaler Utilize Data and Zero Trust to Eradicate Threats

The past year has challenged us in unimaginable ways. We kept our distance for the greater good, while companies faced the daunting task of transforming their workforce from in-person to remote — practically overnight. This presented a unique challenge for cybersecurity teams. How would they ensure employees retained access to critical data in a secure way? Working in the cloud has made remote work easier for many organizations, but has also presented new risks.

The State of Incident Response

Kroll, Red Canary and VMware conducted a survey of over 400 information security and 100 legal and compliance leaders from companies with over $500M in annual revenue to capture the current state of incident response from a technical and legal perspective. Our goal was to highlight trends, identify common challenges and understand how organizations are maturing their preparedness, detection and response programs.

What are Cybersecurity Threats?

A cybersecurity threat is the threat of malicious attack by an individual or organization attempting to gain access to a network, to corrupt data or steal confidential information. No company is immune from cyber attacks and the data breaches that can result. Some cyberattacks can even destroy computer systems. As cyber threats become increasingly sophisticated, your business must implement the security needed to safeguard its data and networks.

The Winds of Change - What SolarWinds Teaches Us

In December 2020, the world discovered that the SolarWinds’ Orion Platform had been compromised by cybercriminals, potentially affecting thousands of businesses the world over. Security groups such as the National Cyber Security Centre (NCSC) provided advice and guidance to security teams and IT companies on what actions they should take to minimize the impact on them and their customers.

Continuous Cyber Monitoring and Rating with SecurityScorecard

At Infocom Security Greece virtual event on April 23, 2021, Nadji Raib (Regional Sales Director, SecurityScorecard), Matthew McKenna (President of International Sales, SecurityScorecard), and Panagiotis Pierros (Managing Director, TICTAC LABORATORIES) presented how important it is not only to monitor your own security posture but also to monitor your 3rd party, 4th party, and your entire ecosystem of vendors and partners. The demo section shows how easy it is to instantly rate a company's current security posture and to prioritize what are the issues that need to be fixed to get a better security rating.

Lessons learned from building an inventory of systems

Many frameworks, standards, and regulations require organizations to have an IT Asset Management program in place. However, the understanding of what separates a mature Information System Inventory (ISI) from an IT Asset Inventory and the benefits realized from an ISI are generally less well understood. Naturally this may lead to a higher likelihood of deprioritizing an ISI in favor of what are viewed as more pressing security needs. Figure 1.

How to manage data subject access requests (DSARs)

In a nutshell, a data subject access request – or DSAR for short – is when someone asks a organisation for a copy of all personal data they hold about them, and then that organisation provides it in a clear and structured way. In addition to the data itself, DSARs allow a data subject (like you or me) to find out things like what the organisation is doing with the data, who they’re sharing it with, how long its held on to for, where they got it from, and so on.

Web Application Penetration Testing Checklist that You Need to Know About

Adaptation of large-scale web applications at a wider level in several multi-faced industry verticals like healthcare, banking, intelligence services and others has exposed them to massive data breaches. Despite increasing awareness about security, complex threat vectors continue to put organizations across the globe under attack.

Weekly Cyber Security News 23/04/2021

A selection of this week’s more interesting vulnerability disclosures and cyber security news. For a daily selection see our twitter feed at #ionCube24. I admit this is frivolous, and low risk, but come on…. The increasing completely pointless devices out there that insist on Internet connection when you are highly unlikely going to be out of sight of said device is bonkers… No…