Confession: I am a security practitioner. I am also a mom. What I am not is a homeschool teacher. Earlier this year, I spoke to the 5th- and 6th-grade classes at my son’s Innovation Day about cybersecurity. I discussed what it means to be a cybersecurity practitioner and how the practice of cybersecurity affects everyday life.

Many mature security teams look to the MITRE ATT&CK® matrix to help improve their understanding of attacker tactics, techniques, and procedures (TTPs) and to better understand their own capabilities relative to these common adversarial approaches. With the release of Elastic Security 7.6, Elastic SIEM saw 92 detection rules for threat hunting and security analytics aligned to ATT&CK.

A considerable portion of cyber-attacks target simple and unnoticed security vulnerabilities, that is why conducting a thorough vulnerability assessment is vital for each and every organization. Read our article to learn more. As the technology advances, a vast majority of the business processes are realized online. Each and every day we share important files, send e-mails, conduct communication with our team and customers, and we do all these tasks online.

Our world has been turned upside down by COVID-19. Whether it's strategically planning our grocery run decontamination process, or trying to keep the kids quiet for even one single moment while on a conference call — things are different. One very evident difference is the change in the way we meet with each other. And one technology enabling this change is Zoom.

Cyber attacks are unfortunately inevitable. It’s important to security harden your networks as much as possible. But your organization must also be prepared for incident response. Effective incident response involves an awareness of various cyber risks and threats, having a plan to respond to the various ways they manifest, and having a team that can think quick on their feet when they actually occur.

Slack is a cloud-based messaging platform that is commonly used in workplace communications. It is feature-rich, offering additional functionality such as video calling and screen sharing in addition to a marketplace containing thousands of third-party applications and add-ons. Slack Incoming Webhooks allow you to post messages from your applications to Slack.

The Health Insurance Portability and Accountability Act, also known as HIPAA, is a compliance standard that was implemented after all health-related information was digitized. The crux of the act is to ensure that all sensitive electronic protected health information (ePHI) has restricted, secure access. Various aspects of your network determine your compliance with HIPAA standards. Let’s discuss some of these important components in detail.

The unfortunate truth is outsourcing to third-parties introduces significant cyber risk. The news is inundated with third-party data breaches and data leaks. With the average cost of a data breach at nearly $4 million globally, it makes sense to invest in tools to prevent data breaches. This is why cybersecurity vendor risk management (VRM) has become a top priority for CISOs and other members of senior management, even at the Board level.

On March 27, 2020, President Trump signed an unprecedented $2 trillion stimulus package into law. The legislation received support from both chambers of the U.S. Congress for its goal to minimize the economic effects of the global coronavirus 2019 (COVID-19) pandemic, reported CNN. A key component of that package was the direction to provide economic relief to Americans in the form of stimulus checks of varying amounts depending upon their income.

Digital attacks continue to weigh on the minds of industrial cybersecurity (ICS) professionals. In a 2019 survey, 88% of ICS experts told Tripwire they were worried about what a digital attack could mean for their industrial organization. The rate was even higher for those working in the manufacturing and oil & gas sectors at 89% and 97%, respectively. Such widely held concern suggests a need for industrial organizations to make greater investments in their digital security posture.