Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

%term

Don't give away your secret answers

I was watching an interview with an American Congressional member the other night, and I could not help but notice the person’s lack of cybersecurity awareness. As a disclaimer, please note that this is not a piece promoting or denouncing any political party, or view. I do not discuss politics unless it relates to a cybersecurity matter. In two previous posts, I have been misunderstood and thought to be promoting a position, but that isn't my intended purpose - cybersecurity awareness is.

Ignyte Assurance Platform - Genetisis' testimonial

The security governance team at Genetesis is continually challenged to find creative ways to improve the overall security posture without disrupting the culture of learning and discovery. Ignyte Assurance Platform helps them to automate the workflow across the multiple frameworks, provide dashboards for senior leadership to see the current security posture at a glance, and also help them to gain the FDA clearance. Every member of our team is dedicated to providing the best in class customer support to maximize your experience working with us.

Navigating ICS Security: The Value of Frameworks

Since the implementation of the General Data Protection Regulation (GDPR) on 25 May 2018, organizations and even private citizens have globally begun to re-assess what it means to ‘take security seriously’ and to better understand the massive difference between security and privacy.

The Role of Technology in the Modern SOC

Recently, Security Boulevard published an article I wrote about the role technology plays in the modern security operations center (SOC). It’s a topic near to my heart, since I began working in SOCs back when we were known as “computer incident response teams” (CIRT). Over the years, I’ve seen a lot of outstanding technologies hit the market that have contributed greatly to improving security teams’ ability to identify, investigate and respond to threats.

GoCenter Reveals Go Module Vulnerabilities With Xray

Golang developers care a lot about security and as Go modules become more widely used, they need more ways to assure these publicly shared files are safe. One unique feature included with Golang version 1.13 is the foresight that went into authentication and security for Go modules. When a developer creates a new module or a new version of an existing module, a go.sum file included there creates a list of SHA-256 hashes that are unique to that module version.

CIP-003-7: Transient Cyber Assets and Removable Media in 2020

Standard CIP-003 exists as part of a suite of Critical Infrastructure Protection (CIP) Standards related to cybersecurity that require the initial identification and categorization of BES Cyber Systems and require organizational, operational, and procedural controls to mitigate risk to BES Cyber Systems.

Climbing the Vulnerability Management Mountain: Reaching Maturity Level 3 - Base Camp

ML:3 is base camp, and getting here means you have reached a level that others have only dreamed about. At this level, the VM program is very good, and your visibility into threats to the environment is much better than it has ever been.

Google Cloud Platform compliance & Risk Management

Previously we published an article discussing some of the best practices surrounding cloud security, in this article, we will discuss cloud a little more specifically by focusing on one in particular provider Google. Google offers several different solutions for customers known as GCP or the Google Cloud Platform. GCP is set infrastructure tools and services which customers can utilize to build environments they need in order to facilitate a solution for their business.

10 ways to strengthen your organisation's cyber security in 2020

Cyber security was never far from the news in 2019, with high profile threats and breaches regularly hitting the headlines. As we enter 2020, the scale of the challenge facing business in all sectors continues to grow. Amid increasing pressure from industry regulators, it has never been more important for businesses to ensure they are taking proactive steps to improve their security posture and protect their data from cybercriminals.