Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

%term

Climbing the Vulnerability Management Mountain: Reaching Maturity Level 3 - Base Camp

ML:3 is base camp, and getting here means you have reached a level that others have only dreamed about. At this level, the VM program is very good, and your visibility into threats to the environment is much better than it has ever been.

Google Cloud Platform compliance & Risk Management

Previously we published an article discussing some of the best practices surrounding cloud security, in this article, we will discuss cloud a little more specifically by focusing on one in particular provider Google. Google offers several different solutions for customers known as GCP or the Google Cloud Platform. GCP is set infrastructure tools and services which customers can utilize to build environments they need in order to facilitate a solution for their business.

10 ways to strengthen your organisation's cyber security in 2020

Cyber security was never far from the news in 2019, with high profile threats and breaches regularly hitting the headlines. As we enter 2020, the scale of the challenge facing business in all sectors continues to grow. Amid increasing pressure from industry regulators, it has never been more important for businesses to ensure they are taking proactive steps to improve their security posture and protect their data from cybercriminals.

Tripwire Enterprise and Zero Trust

Zero Trust is a new concept to many but one I believe will be of increasing importance over the coming years. With this post, I wanted to introduce newcomers to the concept, talk about why it’s an exciting approach to improving security, and explore how you can leverage File Integrity Monitoring (FIM) and Security Configuration Management (SCM) tools like Tripwire Enterprise (TE) to assist you on your Zero Trust (ZT) journey.

How to Achieve Compliance with NIS Directive

Network and information systems (NIS) and the essential functions they support play a vital role in society from ensuring the supply of electricity, water, oil and gas to the provisioning of healthcare and the safety of passenger and freight transport. In addition, computerized systems are performing vital safety-related functions designed to protect human lives.

What's the Difference Between Spear Phishing and Whaling?

Phishing is a broadly understood risk when it comes to internet security – it’s the process by which data thieves will attempt to infect your system with a virus by sending an authentic-looking communication that tricks the recipient into a clicking a malicious link. As phishing becomes a more established method of data theft and virus infection, however, data thieves are specialising – which leads to new terms.

Business Continuity Checklist for Planning and Implementation

Having a comprehensive business continuity plan (BCP) in place will help ensure that your business doesn’t suffer any downtime in the event of a disaster, which may include natural disasters, such as floods, fire, weather-related events, and cyberattacks. If you’re not prepared, these disasters can have catastrophic consequences on your business, including loss of productivity, loss of revenue, as well as damage to your reputation and your relationships with your customers.

Top 5 Cybersecurity Predictions for 2020

With 2020 around the corner, we’re entering a new decade in the cybersecurity landscape. What does the future hold for security professionals? We’d like to ring in the new year with good news, but the truth is that hackers will become smarter and breaches will grow in scale and number, creating an even greater pressure for security teams to keep up. Read our five predictions for 2020 to understand what to look out for and how to prepare for the new decade.

The Top 10 State of Security Blog Posts from 2019

It’s been another fantastic year on The State of Security blog. With over 350 blogs published from all walks of the security community, we like to think of the blog as more of an industry resource that caters to not only experienced security professionals but also to those who are new to the community. To finish the year off, I wanted to look back on some of my personal favorites. I’ve tried to include a mixture of different styles, topics and authors.