There is a bit of serendipity associated with World Password Day 2022. This year the day falls on May 5, the day before the first anniversary of the devastating Colonial Pipeline ransomware attack, which was initiated through a compromised password. The combination of National Password Day and the Colonial Pipeline anniversary should help remind everyone that password security is incredibly important and ever evolving.
Teaching about password security in the early 2000s would usually start with a question to the audience: how many of you have up to 10 passwords to remember? How about 25? Anyone with more than 50? Today I usually start with “how many credentials do you believe to have still active? Less than a hundred?”
Most organizations adopt cloud and containers to accelerate application development, but by adopting a secure DevOps approach and embedding security into the DevOps workflow, you can ensure security controls don’t slow down developers. Check out these key considerations to keep in mind as you put together your plan for securing clouds and containers.
In recent times as the field of information is on the rise a new term ‘Ethical Hacking’ has emerged and opened many different avenues for IT and cyber security professionals. Now more and more people are getting familiar with the field of information security and are getting interested in learning about hacking skills.
In the summer of 2021, Rubrik officially released its first SaaS-based automated Disaster Recovery (DR) solution, Orchestrated Application Recovery. Orchestrated Application Recovery is incredibly easy to use: no need to install new binaries, no need to integrate between different vendor’s products.
What do I say if my team discovers a breach of our digital assets? This is a question that requires understanding “defensible disclosure,” a term first employed in the statistical, medical, legal, and financial communities.* Understanding what this term means and how to live up to its expectations is key in an age where organizations regularly handle intrusions and, sometimes, suffer breaches.
The Splunk Threat Research Team continues to address ongoing threats in relation to geopolitical events in eastern Europe. The following payload named Cyclops Blink seems to target Customer Premise Equipment devices (CPE). These devices are generally prevalent in commercial and residential locations enabling internet connectivity (Cable, DSL Modems, Satellite Modems, Firewalls, etc).
Resilience means more than bouncing back from a fall at a moment of significantly increased threats. When addressing resilience, it’s vital to focus on long-term goals instead of short-term benefits. Resilience in the cybersecurity context should resist, absorb, recover, and adapt to business disruptions.
