Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

%term

Countdown to CCPA: Steps to Start Getting Your Content in Compliance

The California Consumer Protection Act (CCPA), set to go into effect in January 2020, will have a big impact on companies that do business in California or collect the personal information of California citizens. Driven by growing public demand for privacy, CCPA is the latest in a line of regulations that gives individuals greater control over how their personal data can be collected, stored, purchased, or shared by private companies. Wondering what CCPA means for your business?

What is Cybersecurity Analytics?

Security analytics is not a particular tool, rather it is an approach to cybersecurity. Thorough analysis of data in order to implement proactive security measures is the essence of security analytics. It includes gathering data from every possible source to identify patterns. Nobody can predict the future but with cybersecurity analytics, you can make pretty accurate, informed guesses about it.

Four Misconceptions About Ransomware Addressed

Ransomware has been a hot topic within the cyber security industry for quite some time now. It’s an often-lucrative cyber-attack method with an attractive return on investment. The motivation behind Ransomware attacks tends to be primarily financial, as cyber criminals can’t resist such easy opportunities to achieve their malicious goals. Ransomware is effective given that almost every individual or organization owns or has access to digital assets which are valuable to them.

How to Avoid Common Software Vulnerability Management Mistakes

Vulnerability management (VM) is an essential process through which organizations can reduce risk in their environments. But myths and misconceptions surrounding VM abound. For instance, organizations commonly approach vulnerability management in the same way as they do patch management. Others are guilty of believing that all attacks rely on vulnerabilities, while others still are under the false impression that all software patches will work without a hitch.

Weekly Cyber Security News 28/06/2019

A selection of this week’s more interesting vulnerability disclosures and cyber security news. Here we are again, another week and another S3 leak. I really don’t understand how this keeps happening. Either its sloppy admin or people with no technical (or security) understanding is being let loose on a complex cloud service – both are not great. You would hope that when you call in experts to help with a problem, you are dealing with someone responsible.

What is Real-Time Threat Intelligence?

Would you sit back in your chair and do nothing while your systems are under attack? You may be, without even realizing it. Businesses are increasingly finding themselves under cyberattacks carried out by hackers or criminals. However, many of them fail to recognize that they have been attacked until it is too late to do anything. That is why timing is the most essential component of cyber security. Fighting attacks proactively instead of reactively can save your systems and networks.

What is digital trust and why does your CSO care about it?

As I talk to organizations in the AT&T Executive Briefing Center and learn more about the different types of business and enterprise security goals, one of the resonating themes across different industry verticals today is Digital Trust. The goal is to build trust in the system between the consumers of your services and the enterprise. To achieve this goal, it is about going to the foundational aspects of information protection.

Investigate and Correct CVEs with the K8s API

When NIST (https://nvd.nist.go) announces a new CVE (Common Vulnerability and Exposure) that impacts Kubernetes, kube administrators and IT Security teams need to quickly understand the impact of the vulnerability and protect their Kubernetes clusters. Often, no patches are yet available, so in addition to understanding the impact, DevOps teams have to decide whether or not to create a custom fix to mitigate the risk of that CVE without bringing down the entire app or system.

After Euro24 million stolen by typosquatting a cryptocurrency exchange, six people arrested

European police have arrested six people as part of an investigation into a theft which saw €24 million (US $27 million) stolen from users of cryptocurrency exchange. In a press release, Europol described how five men and one woman were simultaneously arrested on Tuesday morning at the homes of the suspects in Charlcombe, Lower Weston and Staverton (UK) and Amsterdam and Rotterdam (the Netherlands).