Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

%term

The 2019 SANS Security Awareness Report: Awareness Training Is Rising

Cybersecurity and cyber security awareness are critical to business survival in an era dominated by growing virtual crime. It might be true that most people know about costly identity theft and reputation-destroying network hacks. Organizations spend millions every year trying to defend themselves against cybercrime, but still, attacks seem to be more and more successful.

Moving to the Cloud and How You Shift Your Security Management Strategy

As someone who has worked for their entire career in the Managed Network Services space, if I had to pick out, over the past five years, two of the most impactful shifts in managing technology, it would be a shift from traditional, in-house servers to solutions where 3rd parties build “clouds” to provide similar business functions as well as the increased pressure on organizations to have comprehensive cyber-security strategies as threats become more significant.

Weekly Cyber Security News 02/08/2019

A selection of this week’s more interesting vulnerability disclosures and cyber security news. Such an amazing choice of juicy news articles this week! I will skip the seriously weird and rapidly escalating circumstances of the Capital One breach, and instead dive into the some of the more low key, but nevertheless interesting items. First up, and for those of you who post infosec articles, something you will understand: stock photos.

What Is Cybersecurity Risk? A Thorough Definition

Cybersecurity risk is the probability of a cyber attack or data breach on your organization. Organizations are becoming more vulnerable to cyber threats due to the increasing reliance on computers, networks, programs, social media and data globally. Data breaches, a common cyber attack, have massive negative business impact and often arise from insufficiently protected data.

Cyber Security Vs. Information Security: The Key Differences

While cyber security and information security are generally used as synonyms, there are key differences that need to be understood. A good place to start is with data security. Data security is about securing data. Not every bit of data is information. Data becomes information when it is interpreted in context and given meaning. An example: 061580 is data and it becomes information when we know it's a date of birth. Information is data with meaning.

For mid-sized enterprises to win the cybersecurity race, the game needs to change

Why does AT&T Cybersecurity get me so excited on behalf of the mid-sized enterprises that make up the bulk of business around the globe? Well, one example I like to share is from a bicycle manufacturer I had the pleasure of visiting a few years ago. As a cycling enthusiast myself, I know these manufacturers are true experts, with deep knowledge and passion for the businesses they run and technology they develop.

Exposed internal database reveals vulnerable unpatched systems at Honda

Automotive giant Honda has shut down an exposed database that contained sensitive information about the security — specifically the weak points — of its internal network. Security researcher Justin Paine discovered the sensitive information after scouring the internet with Shodan, a specialist search engine which can be used to find exposed internet-enabled devices such as webcams, routers and IP phones.

WaterISAC: 15 Security Fundamentals You Need to Know

Digital attacks targeting water facilities are on the rise. In its 2016 Data Breach Investigations Report, for instance, Verizon Enterprise disclosed an incident in which bad actors breached a water treatment plant and altered the levels of chemicals used to treat tap water at that facility. News of this incident came approximately two years after the ONWASA water facility revealed it had suffered a ransomware attack that had disrupted its internal computer system in the wake of Hurricane Florence.

Major Breaches That Highlight The Importance of Visibility in The Workplace

Rapidly detecting an incident can be the difference between the survival or closure of a company after a cybersecurity breach. The longer it takes to detect, the more costly it becomes, and visibility plays a vital role in that process. As companies struggle to detect the foul play, contain the incident and coordinate response, without adequate enterprise visibility, the extent of the damage is likely to increase.

The ultimate guide to VPN encryption, protocols, and ciphers

Introduced to the market nearly two decades ago, Virtual Private Networks (VPNs) are a uniquely enduring cornerstone of modern security. Most large organizations still employ a VPN solution to facilitate secure remote access, while millions of consumers rely on similar products to bolster their online privacy, secure public Wi-Fi connections, and circumvent site blocks. By now, most of us know that a VPN assigns us a new IP address and transmits our online traffic through an encrypted tunnel.