Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

%term

What is Spear Phishing?

Spear phishing is an email spoofing attack targeting a specific organization or individual. Spear phishing emails aim to infect the victim with malware or trick them into revealing sensitive data and sensitive information. Spear phishers look for target who could result in financial gain or exposure of trade secrets for corporate espionage, personally identifiable information (PII) for identity theft and protected health information (PHI) for insurance fraud.

Securing Google Cloud Run serverless workloads

Google Cloud Run is a serverless compute platform that automatically scales your stateless containers. In this post we are going to showcase how to secure the entire lifecycle of your Cloud Run services. Sysdig provides a secure DevOps workflow for Cloud Run Platforms that embeds security, maximizes availability and validates compliance across the serverless lifecycle. Sysdig Secure Devops Platform is open by design, with the scale, performance and usability enterprises demand.

Netwrix Auditor 9.9 - Visibility into Office 365 Permissions

Visibility into SharePoint Online, OneDrive for Business and Exchange Online permissions, available in Netwrix Auditor 9.9, gives you a clear picture of who has access to what so you can enforce the least-privilege principle and ensure that your critical data is not overexposed. Keeping your critical data secure in Office 365 is not easy, in part because of the intricate system of issuing permissions there. How can you ensure that your SharePoint Online documents are not shared with external users? How can you quickly make sure that your CEO’s messages are not overexposed?

Netwrix Auditor for Office 365 - Overview

Netwrix Auditor for Office 365 delivers complete visibility into what’s going on in your Office 365 environment. This insight empowers organizations to see who has access to what, monitor user activity in SharePoint Online, and audit all modifications and non-owner mailbox access events in Exchange Online to enhance the security of their critical data, continuously ensure business availability and prove compliance with less effort.

Aligning SECaaS with Your Organization's Cloud Security Needs

One cannot underestimate the effect that the ongoing skills gap is having on organizations’ digital security strategies. Gartner estimates that the global number of unfilled digital security positions is expected to grow to 1.5 million by 2020. Reflecting this trend, more than 70 percent of organizations feel that hiring skilled infosec personnel became harder between 2017 and 2019.

Only after running out of hard disk space did firm realise hacker had stolen one million users' details

Yet another company has been found lacking when it comes to securing its consumers’ data. Utah-based InfoTrax Systems provides back-end services to multi-level marketing companies (MLMs) such as dōTERRA, ZanGo, and LifeVantage, providing website portals where individuals can register as a distributor, sign-up new distributors, and place orders for themselves and end consumers.

3 Trends Where Technology Can Simplify Vendor Risk Management

Vendor risk management is the practice of governing third-party access to company data. This is a critical aspect of an organization since vendors view your business information when providing their services. For some, this can turn into a severe vulnerability that can lead to data breaches. In fact, in the past five years, vendors like Home Depot and Target were responsible for those incidents, as reported by Forbes.

How to Maintain ISO 9001 Certification

It’s not easy for an organization to implement the International Organization for Standardization (ISO) 9001 and obtain an ISO certification for the standard. But just because you’ve achieved ISO 9001:2015 (the latest version) certification, doesn’t mean your work is done. That’s because your company has to be continually audited to ensure it still meets the requirements of the ISO 9001 standard.