Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest Posts

The ultimate guide to VPN encryption, protocols, and ciphers

Introduced to the market nearly two decades ago, Virtual Private Networks (VPNs) are a uniquely enduring cornerstone of modern security. Most large organizations still employ a VPN solution to facilitate secure remote access, while millions of consumers rely on similar products to bolster their online privacy, secure public Wi-Fi connections, and circumvent site blocks. By now, most of us know that a VPN assigns us a new IP address and transmits our online traffic through an encrypted tunnel.

What is Information Risk Management?

Information Risk Management (IRM) is a form of risk mitigation through policies, procedures, and technology that reduces the threat of cyber attacks from vulnerabilities and poor data security and from third-party vendors. Data breaches have massive, negative business impact and often arise from insufficiently protected data. In this article, we outline how you can think about and manage your cyber risk from an internal and external perspective.

The 6 Top Tips of Things to Do at Black Hat USA 2019

Are you going to Black Hat USA 2019? If you are, you’re no doubt counting down the days until 3-8 August when you can join the thousands upon thousands of security professionals at the Mandalay Bay Resort and Casino in Las Vegas, Nevada. But if you’ve been to any of its other 21 iterations, you probably know that this conference can be a bit overwhelming if you don’t know what you’re doing. That’s why it’s good to go in knowing all that you can do as an attendee.

Top 10 Anti-Phishing Best Practices

Messages are one of the most popular ways of communication today. Most organizations and firms accept that the simplest method for transferring data is through Emails. According to Business Matters, a leading business magazine in the UK, there are plenty of vital areas in the business world, but there aren’t many more essential or important than Emails.

The Rise of Predictive Threat Detection

Once upon a time, threat detection was based on delayed and reactive notifications associated with rudimentary alerting processes: A system failed, a database of your customer information was found for sale on the dark web, an employee admits to wrongdoing, and more. Addressing these threats was a completely reactive process.

Which PCI SAQ Do I Need?

PCI DSS Self-Assessment Questionnaires (SAQs) are tools provided by the PCI Security Standards Council (PCI SSC) to help payment-card-processing merchants and service providers measure their own PCI compliance Payment Card Industry Data Security Standard (PCI DSS) Self-Assessment Questionnaires (SAQs). Which of the nine Payment Card Industry Data Security Standard (PCI DSS) Self-Assessment Questionnaires (SAQs) your organization needs to fill out and submit depends on several factors.

New AT&T Cybersecurity Managed Threat Detection and Response service

With access to more resources than ever before, cybercriminals are rapidly scaling their operations, making every organization a potential target for a cyberattack. And, they are constantly shifting their tactics to exploit new vulnerabilities and slip past perimeter-based controls undetected. Meanwhile, the longer a threat goes undetected in a network environment, the greater the potential for damage through a security breach, data loss, or business downtime and disruption.

Most Security Pros Think Recent GDPR Fines Won't Significantly Affect Policies

In July 2019, UK Information Commissioner’s Office (ICO) announced its intention to fine two companies for violating the European Union’s General Data Protection Regulation (GDPR). ICO began by disclosing its intention to penalize British Airways in the amount of £183 million (approximately $224 million) on 8 July.

Woman arrested after Capital One hack spills personal info on 106 million credit card applicants

The FBI has arrested a 33-year-old software engineer in Seattle as part of an investigation into a massive data breach at financial services company Capital One. Paige A. Thompson, also known by the online handle “erratic,” has been charged with one count of computer fraud and abuse, after an investigation uncovered that a hacker had broken into cloud servers run by Capital One and stole data related to over 100 million credit-card applications.