Egnyte Expands Footprint in Healthcare & Life Sciences
Creating HIPAA compliant collaboration and management solutions for 1000+ organizations in the space
Creating HIPAA compliant collaboration and management solutions for 1000+ organizations in the space
Today, I will be going over Control 20 from version 7 of the top 20 CIS Controls – Penetration Tests and Red Team Exercises. I will go through the eight requirements and offer my thoughts on what I’ve found.
Windows supports a code-signing feature called Authenticode, which allows a software publisher to digitally sign executable files (e.g. .exe, .msi, …) so that users can verify their autenticity. The digital signature of a file can be viewed in the file properties in Windows explorer on the “Digital Signature” tab.
Chances are your organization already addresses cyber security to some extent in new employee onboarding. Whether that’s traditional training videos on cyber security that employees watch on their own time, presentations by IT, or brochures, most employees know that their companies have cyber security protocol and best practices. But how many of your employees actually know what the protocol and practices are?
A SIEM or Security Information and Event Management is only as good as its logs. People can think of logs as the fuel for the engine. Without logs (log management), the SIEM will never be useful. Selecting the right types of logs to ingest in your SIEM is a complex undertaking. On one hand, it is easy to say “Log it all!” but you will inevitably reach the glass ceiling of your SIEM, which will either be your licensing or you will cap the performance of the SIEM hardware.
On August 5, 2015, the British mobile phone retailer, Carphone Warehouse discovered a “sophisticated attack” on its systems, possibly compromising the personal information of 2.5 million customers and the encrypted credit card data of an additional 90,000 customers.
Applying machine learning (ML) and artificial intelligence (AI) techniques to analyze files within a content repository can raise the bar on operating efficiencies and produce smarter solutions that bring “structure” to unstructured data.
"Zero Trust" refers to a network security strategy that calls for all users – internal and external – to be authenticated before gaining access to the network. Zero Trust means organizations never implicitly trust anyone with their sensitive data. Instead of using a blanket network perimeter, Zero Trust networks implement a series of micro-perimeters around data so only users with clearance to access certain data points can get to them.