Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

%term

Building and Evaluating a Threat Intelligence Program (Part 1)

In the previous post, we discussed the basics of Threat Intelligence and its types by throwing light on the concept of knowns and unknowns. In information security, any information which can aid the internal security team in the decision-making process and reduce the recovery time accordingly is considered as threat intelligence. This first part in this series of articles will discuss threat intelligence cycle and its importance.

2 Big Steps to Keep Electronic Health Records Secure

Many industries have sweepingly digitized their documentation in the name of efficiency – substantial efficiency. The healthcare industry created the electronic health record (EHR) in the name of efficiency as well (among other benefits). But EHRs are far from universal in the medical space. While some hospitals and practices are simply slow to adopt modern practices, the greatest barrier to the universal adoption of electronic health records is privacy and security.

AI and ML: Key Tools in Emerging Cybersecurity Strategy and Investment

Recently, the Defense Advanced Research Project Agency (DARPA) announced a multi-year investment of more than $2 billion in new and existing programs in artificial intelligence called the “AI Next campaign. Agency director, Dr. Steven Walker, explained the implications of the initiative: “we want to explore how machines can acquire human-like communication and reasoning capabilities, with the ability to recognize new situations and environments and adapt to them.”

To phish or not to phish?

We are all no doubt aware of phishing. That age-old practice of sending fraudulent emails with the hope of gaining financial details, obtaining account credentials or tricking a user into installing malicious software. The practice is not new. In fact, before the wide-spread use of the internet, people would often receive letters claiming that they had won some sort of competition and to claim their prize, all they had to do was send some cash to front the delivery costs.

Weekly Cyber Security News 14/09/2018

A selection of this week’s more interesting vulnerability disclosures and cyber security news. A lot to get worked up about this week, and I will skip the majority of the noise about British Airways and yet more MongoDB related shenanigans, to highlight another kind of oversight: Deploying publicly accessible web content with Git and not cleaning up afterwards – or not doing it in the first place perhaps.

Configuration Hardening: Proactively Guarding Systems Against Intrusion

The concept of configuration hardening has nice imagery to it. When we use it to describe battle-hardened soldiers who have been tested in combat, a grim, determined image invariably leaps to mind. The same thing happens when we speak of hardened steel that’s been repeatedly quenched and tempered or of hardened fortifications and bunkers.

What Cloud Migration Means for Your Security Posture

It shouldn’t come as a surprise to anyone reading this article that there has been a major shift towards businesses hosting their critical applications in the cloud. Software-as-a-Service (SaaS), as well as cloud-based servers from Amazon or Microsoft, have changed the way we build networked business systems for any size organization.

Telefónica Improves Movistar+ Customer Satisfaction while Reducing Operational Costs with Devo

Cambridge, MA, September 12, 2018 – Devo Technology, today announced that Telefónica has implemented the Devo Data Operations Platform to improve the quality of customer experience for Telefónica’s Movistar+ television service offering.