RESOURCES


home.aspx
   
How Organizations can prepare for Cybersecurity HOW ORGANIZATIONS CAN PREPARE FOR CYBERSECURITY

article

Apr 22, 2020

According to a Gartner study in 2018, the global Cybersecurity market is estimated to be as big as US$170.4 billion by 2022. The rapid growth in cybersecurity market is boosted by new technological initiatives like cloud-based applications and workloads that require security beyond the traditional d...

Read More

Cybersecurity in the Time of COVID-19 CYBERSECURITY IN THE TIME OF COVID-19

article

Mar 30, 2020

A decade ago, Stuxnet pulled me into the accelerating, widening gyre of cybersecurity. I began to devote less time to global health, a topic on which I spent the previous decade developing familiarity and producing a large carbon footprint. I would frown when cybersecurity analysis borrowed concepts...

Read More

Progress Is the Promise in National Cybersecurity Strategy PROGRESS IS THE PROMISE IN NATIONAL CYBERSECURITY STRATEGY

article

Mar 23, 2020

How can progress be measured when it comes to shifts in national security strategy and practice? Several assessment variables might include changes in official national guidance, legal authorities, types of campaigns or operations, lexicon used in national security discourse, and early results of th...

Read More

Guest Blog: Cyber security guidance for remote working GUEST BLOG: CYBER SECURITY GUIDANCE FOR REMOTE WORKING

article

Mar 20, 2020

In these challenging times, it’s sad to learn that cyber criminals are only increasing their activity as they look to capitalise on the Covid-19 crisis. With the NCSC (National Cyber Security Centre) issuing warnings of such activity on a daily basis, it’s important that we all work to p...

Read More

What You Need to Know About the Cybersecurity Solarium Commission Report WHAT YOU NEED TO KNOW ABOUT THE CYBERSECURITY SOLARIUM COMMISSION REPORT

article

Mar 20, 2020

The Cybersecurity Solarium Commission's recently released report outlines a strategy to fundamentally reshape the U.S.’s approach to cybersecurity and prepare for resiliency and response before a major cyber incident occurs, not after. Unlike the original Solarium Commission, which operate...

Read More

5G and IoT security: Why cybersecurity experts are sounding an alarm 5G AND IOT SECURITY: WHY CYBERSECURITY EXPERTS ARE SOUNDING AN ALARM

article

Mar 02, 2020

Seemingly everywhere you turn these days there is some announcement about 5G and the benefits it will bring, like greater speeds, increased efficiencies, and support for up to one million device connections on a private 5G network. All of this leads to more innovations and a significant change in ho...

Read More

AskOptiv: Defending Against AI Weaponized Threats ASKOPTIV: DEFENDING AGAINST AI WEAPONIZED THREATS

article

Feb 05, 2020

2020 is the year for us to seriously consider artificial intelligence (AI) and how it impacts operations, including those involving of threat actors. With all the buzz around the very broad concepts of automation and AI within computer science we should begin by briefly discussing exactly what artif...

Read More

Hospitality Company Landry HOSPITALITY COMPANY LANDRY'S INC. IDENTIFIES MALWARE ON PAYMENT SYSTEM

article

Jan 02, 2020

Landry's, Inc., an American, privately owned, multi-brand dining, hospitality, entertainment and gaming corporation, has reported that it identified malware on its payment processing system. Headquartered in Houston, Texas. Landry's, Inc. owns and operates more than 600 restaurants, hotels, ...

Read More

Here are the top cybersecurity predictions for 2020 HERE ARE THE TOP CYBERSECURITY PREDICTIONS FOR 2020

article

Dec 27, 2019

As 2019 comes to an end, cybersecurity experts are preparing for a new year—and a new decade—and all the cyber scams, breaches, attacks and privacy concerns that threaten consumers and businesses. CyberScout, an industry leader in cyber insurance, data security, and identity theft protec...

Read More

Closing a Critical Gap in Cybersecurity CLOSING A CRITICAL GAP IN CYBERSECURITY

article

Dec 16, 2019

Last year, faced with rising threats in cyberspace, Congress established the nation’s first civilian cybersecurity agency—the Cybersecurity and Infrastructure Security Agency (CISA). We serve as the nation’s risk adviser, which means we’re the agency responsible for working w...

Read More

THE ROLE OF AI IN CYBERSECURITY THE ROLE OF AI IN CYBERSECURITY

article

Dec 13, 2019

Emerging technologies put cybersecurity at risk. Even the new advancements in defensive strategies of security professionals fail at some point. Besides, as offensive-defensive strategies and innovations are running in a never-ending cycle, the complexity and volume of cyberattacks have increased. C...

Read More

61% of malicious ads target Windows users 61% OF MALICIOUS ADS TARGET WINDOWS USERS

article

Dec 02, 2019

Most malvertising campaigns (malicious ads) target Windows users, according to statistics shared last week by cyber-security firm Devcon. The company said that based on data gathered by its internal tools, 61% of the malicious ads they've observed from between July 11 and November 22, 2019 were ...

Read More

What Does IMDRF WHAT DOES IMDRF'S NEW CYBERSECURITY GUIDANCE MEAN FOR YOU?

article

Dec 02, 2019

In the age of connectivity, cybersecurity has become critical to all stakeholders in the medical device field. Different federal agencies in the United States (U.S.), as well as agencies across the globe, have begun to address this issue through regulatory guidance and enforcement action. The U.S. h...

Read More

SMART CITIES AND CYBERSECURITY: THE ESSENTIALS SMART CITIES AND CYBERSECURITY: THE ESSENTIALS

article

Nov 19, 2019

With the growing popularity of IoT and digitization, smart cities have become a reality. Harnessing the power of data, design thinking, and digital technologies, smart cities are the sure future of urban lifestyle. However, as with other digital transformations, smart cities bring with them a barrag...

Read More

Balancing Patient Engagement and Awareness with Medical Device Cybersecurity BALANCING PATIENT ENGAGEMENT AND AWARENESS WITH MEDICAL DEVICE CYBERSECURITY

article

Nov 14, 2019

Medical devices are increasingly more advanced and interconnected, sharing information via Wi-Fi, the internet, our phones and across hospital networks. While the software and networking features behind these devices can support safer, more convenient and timely health care delivery, they also can i...

Read More

Protect the Business from Edge to AI with Cloudera Cybersecurity PROTECT THE BUSINESS FROM EDGE TO AI WITH CLOUDERA CYBERSECURITY

article

Nov 07, 2019

Gartner estimates 30x connected device growth by 2020. Faster 5G networks bringing an explosion of inexpensive, connected devices. This enables new and more innovative applications and capabilities to improve customer experience. However, all these new applications and connections also broaden the n...

Read More

This Website Has Solved Cybersecurity THIS WEBSITE HAS SOLVED CYBERSECURITY

article

Nov 06, 2019

Big companies that hold our personal data get hacked almost every day, but most don’t really know how to deal with getting hacked, especially when it comes to telling users what happened. If you’ve read some data breach disclosures or notices, you know the classic “we take your pri...

Read More

A Security Failure in the White House A SECURITY FAILURE IN THE WHITE HOUSE

article

Nov 01, 2019

At the time, ODNI predicted similar Russian efforts in the future. That prediction has come to pass: The FBI has reported Russian efforts against the 2020 elections. Nor are they the only ones taking aim at U.S. elections. Facebook recently found evidence of Iranian operations against the Trump camp...

Read More

Mimecast: Tackling Cybersecurity in a connected economy MIMECAST: TACKLING CYBERSECURITY IN A CONNECTED ECONOMY

article

Oct 31, 2019

Mimecast, founded in 2003, is an international cyber resilience company, with offices in the UK, US, South Africa, Australia, Europe and the Middle East. Mimecast uses dispersed data centers, intelligent mail routing and robust cloud security to provide a security network capable of managing over 35...

Read More

Insider Threats: A Problem That is Preventable INSIDER THREATS: A PROBLEM THAT IS PREVENTABLE

article

Oct 30, 2019

Earlier this summer, I read a fascinating story about McAfee launching a lawsuit against three former employees. The lawsuit alleged that these employees conspired to steal trade secrets on behalf of their new employer, accusing them of moving to a competitor and exfiltrating business-sensitive docu...

Read More

The Future of AI in Cybersecurity THE FUTURE OF AI IN CYBERSECURITY

article

Oct 29, 2019

The buzzword for 2019 that we have all heard a thousand times is Artificial Intelligence, AI. This term has been placed on products ranging from smartwatches to washing machines and of course every security tool on the market. Advertisements lead us to believe that if you couldn’t find a way t...

Read More

How America HOW AMERICA'S CYBER STRATEGY COULD CREATE AN INTERNATIONAL CRISIS

article

Oct 23, 2019

The United States has adopted a new cyber warfare strategy focused on “persistent engagement” and “forward defense” in an attempt to thwart Chinese, Russian and other state-sponsored cyber attacks. While this unprecedented “defend forward” approach gives America m...

Read More

Avast target of cyber-security attack, company and Czech counterintelligence say AVAST TARGET OF CYBER-SECURITY ATTACK, COMPANY AND CZECH COUNTERINTELLIGENCE SAY

article

Oct 22, 2019

Czech-based Avast and Czech counterintelligence service BIS said on Monday they had detected a network attack on the cyber-security company which the BIS suspected of originating in China. Avast said in a blog post that it found suspicious behaviour on its network on Sept. 23 and opened an investiga...

Read More

Cybersecurity: a crucial issue for industry and transport stakeholders CYBERSECURITY: A CRUCIAL ISSUE FOR INDUSTRY AND TRANSPORT STAKEHOLDERS

article

Oct 21, 2019

Cybersecurity is defined as all the technical and non-technical measures of protection that enable an information system to withstand events liable to compromise the availability, integrity, confidentiality or associated proofs (identity, authenticity, traceability) of data stored, processed or tran...

Read More

What is cybersecurity? WHAT IS CYBERSECURITY?

article

Oct 13, 2019

Cybersecurity, or computer security, is the protection of computer systems from the theft or damage to their hardware, software, of electric data, as well as form the disruption or misdirection of the services they provide. The field is becoming more important due to increased reliance to computer s...

Read More

Mobile Cybersecurity Tips from Emery Csulak, DOE Chief Information Security Officer MOBILE CYBERSECURITY TIPS FROM EMERY CSULAK, DOE CHIEF INFORMATION SECURITY OFFICER

video

Oct 11, 2019

Our heavy reliance on mobile devices to communicate means we must make mobile cybersecurity a top priority both at home and at work! Learn how DOE is prioritizing mobile cybersecurity by providing tips to stay safe and secure.

Read More

How Cloud Computing is Changing Cybersecurity HOW CLOUD COMPUTING IS CHANGING CYBERSECURITY

article

Oct 07, 2019

As it has emerged over the past few years, the cloud has really revolutionized business and allowed us to do amazing things with web-delivered technologies. However, one of the biggest issues around the cloud has always been, and still is, cybersecurity. (Read The Truth About Cybersecurity.)The clou...

Read More

New U.N. Debate on Cybersecurity in the Context of International Security NEW U.N. DEBATE ON CYBERSECURITY IN THE CONTEXT OF INTERNATIONAL SECURITY

article

Sep 30, 2019

In 2018, the United Nations General Assembly voted to establish two separate groups to study international law and norms in relation to cyberspace. Resolution 73/27—proposed by a number of countries, including Russia—created an open-ended working group (OEWG) on the subject. Another grou...

Read More

Cylance is golden: BlackBerry’s new cybersecurity R&D lab is all about AI and IoT CYLANCE IS GOLDEN: BLACKBERRY’S NEW CYBERSECURITY R&D LAB IS ALL ABOUT AI AND IOT

article

Sep 30, 2019

BlackBerry has announced a new business unit dedicated entirely to cybersecurity research and development (R&D).The BlackBerry Advanced Technology Development Labs (BlackBerry Labs) will “operate at the forefront” of cybersecurity R&D, according to BlackBerry. The unit will be sp...

Read More

Preparing For Physical and Cybersecurity Convergence PREPARING FOR PHYSICAL AND CYBERSECURITY CONVERGENCE

article

Sep 20, 2019

In an era of increasingly sophisticated security threats, CIOs, CISOs, and COOs alike need to be more committed than ever to protect their data, facilities, and teams. From unauthorized personnel attempting to gain entry to your facilities to cybercriminals looking to breach your network, private se...

Read More

10 STEPS TO CYBERSECURITY, AS DEFINED BY GCHQ 10 STEPS TO CYBERSECURITY, AS DEFINED BY GCHQ

article

Sep 19, 2019

GCHQ, the Government Communications Headquarters is an intelligence and security agency responsible for keeping the U.K. safe. The team of GCHQ uses cutting-edge technology, technical ingenuity, and wide-ranging partnerships to identify, analyze, and disrupt threats. GCHQ deals with real threats tha...

Read More

5 Tips and Tricks to Boost Small Business Security 5 TIPS AND TRICKS TO BOOST SMALL BUSINESS SECURITY

article

Sep 19, 2019

Small businesses often fall into the trap of lax security, both online and in person. However, it's essential for small business owners to consider how they can navigate the world of digital security risks and dangers. Many small business owners think they're safe from hackers. After all, wh...

Read More

5 data privacy and cybersecurity tips for construction firms 5 DATA PRIVACY AND CYBERSECURITY TIPS FOR CONSTRUCTION FIRMS

article

Sep 12, 2019

No industry is immune from data privacy and cybersecurity threats, and that includes the construction industry. Here are five data privacy and cybersecurity tips construction firms should consider putting to use to protect themselves against these looming threats. The best way to protect any organiz...

Read More

SILENTDEFENSE™ AND THE FORESCOUT PLATFORM: CYBERSECURITY FOR CONVERGING IT/OT REQUIREMENTS SILENTDEFENSE™ AND THE FORESCOUT PLATFORM: CYBERSECURITY FOR CONVERGING IT/OT REQUIREMENTS

article

Nov 15, 2018

Today’s cyber threats are ever-changing and evolving. Over the last decade, we have seen malware begin to target non-enterprise devices and industrial control systems (ICS) at an alarming pace. However, most critical infrastructure and ICS asset owners are ill-equipped for this changing cyber ...

Read More

Thinking Global and Acting Local to Close the Skills Gap THINKING GLOBAL AND ACTING LOCAL TO CLOSE THE SKILLS GAP

article

Nov 14, 2018

Cybersecurity empowers organizations to enable trust, move faster, add value and grow. In order for cybersecurity to live up to that promise, it will require an increase in talent and new skills to take on the volume and sophistication of today’s threat landscape. According to industry analyst...

Read More

Cybersecurity in the workplace CYBERSECURITY IN THE WORKPLACE

article

Nov 09, 2018

Cybercriminals, however, are more likely to view your employees as the path of least resistance into an organization. In North America, for example, two top causes of breaches are careless or uninformed employee actions and phishing or other social engineering. Cybercriminals know that, and they use...

Read More

How Can You Get More from Your AppSec Education Program? HOW CAN YOU GET MORE FROM YOUR APPSEC EDUCATION PROGRAM?

article

Nov 09, 2018

Forbes recently published an article titled “The Cybersecurity Talent Gap Is An Industry Crisis” – and without question, there’s a real lack of cybersecurity talent. Cybersecurity Ventures predicts about 3.5 million unfilled cybersecurity job openings by 2021! The need for cy...

Read More

CYBERSECURITY AWARENESS: TAKE THE RIGHT APPROACH CYBERSECURITY AWARENESS: TAKE THE RIGHT APPROACH

article

Nov 07, 2018

There’s never been a more critical time for awareness training for cybersecurity. Attacks of all kinds are on the rise and the ubiquity of technology in the lives of end users can create opportunities for lapses in judgement, human error and avoidable mistakes. As an IT leader in your organiza...

Read More

5 Common Visibility Gaps Your Enterprise Security Plan Can’t Afford 5 COMMON VISIBILITY GAPS YOUR ENTERPRISE SECURITY PLAN CAN’T AFFORD

article

Oct 25, 2018

Today’s cybersecurity challenges are unlike anything we’ve seen before. Your organization’s IT infrastructures now consist of the traditional network—employee laptops, desktops, various operating software, storage platforms and servers, cloud storage—plus an entirely ne...

Read More

BehavioSec Fires Up Next-Gen Cybersecurity Solutions with Behavioral Biometrics BEHAVIOSEC FIRES UP NEXT-GEN CYBERSECURITY SOLUTIONS WITH BEHAVIORAL BIOMETRICS

article

Oct 24, 2018

There’s no silver bullet for online security, especially when it comes to user authentication. And enterprises aren’t alone in the struggle to keep up with the needs and demands of authentication. At the center of all of this lies user behavior and the challenge it presents to security. ...

Read More

Top 5 trends security teams should begin embracing to manage digital risk TOP 5 TRENDS SECURITY TEAMS SHOULD BEGIN EMBRACING TO MANAGE DIGITAL RISK

article

Oct 24, 2018

The digital world has opened up a plethora of opportunities for workplaces across the globe. Digital transformation means, among other things, seamless connectivity, the erasure of physical barriers and enterprises that can leverage the freedom of knowledge sharing without boundaries to enable great...

Read More

Cybersecurity tips from the pros CYBERSECURITY TIPS FROM THE PROS

article

Oct 23, 2018

Managing customer identities goes well beyond providing great front-end registration, authentication and single sign-on experiences. Janrain clients also know that their customers’ identities are held securely - with Janrain’s Secure Edge restricting external bad actors and our internal ...

Read More

10 Tips to Take Control of Your Public Wi-Fi Security 10 TIPS TO TAKE CONTROL OF YOUR PUBLIC WI-FI SECURITY

article

Oct 17, 2018

The amazing ability to surf from anywhere sometimes distracts us from a very basic fact: the information may flow to us – but it can flow from us, in other, undesirable directions. So whether you are on your way to a vacation in a city that offers public Wi-Fi or you live in a city that is tou...

Read More

5 Cybersecurity Myths – and Facts 5 CYBERSECURITY MYTHS – AND FACTS

article

Oct 16, 2018

Let’s face it: Cybersecurity and identity theft aren’t things we like to think about. And according to recent research, many of us aren’t thinking about it at all. Many of us get an antivirus program, try to use strong passwords, and hope those efforts are enough. But are they? The...

Read More

A Career in Cybersecurity Has Many Positives, But It’s Not Without Challenges A CAREER IN CYBERSECURITY HAS MANY POSITIVES, BUT IT’S NOT WITHOUT CHALLENGES

article

Oct 12, 2018

There aren’t many fields where the majority say they’re happy with their profession. A satisfying career path—one where we feel successful—can be a long journey that most of us aren’t taught in school. In fact, 70 percent of workers say they don’t feel satisfied w...

Read More

Cybersecurity Education Series: What Is Email Fraud? CYBERSECURITY EDUCATION SERIES: WHAT IS EMAIL FRAUD?

article

Oct 12, 2018

Since its inception, email has been a favorite target for cyber criminals hoping to steal sensitive data, user credentials, and company funds. In response, organizations have deployed a wide range of email security tools. But despite increased investment in defense, email fraud is still on the rise....

Read More

HHS Urges FDA to Do More on Medical Device Security HHS URGES FDA TO DO MORE ON MEDICAL DEVICE SECURITY

article

Oct 08, 2018

We’ve been writing for a few years now about the dangers of connected medical devices and how the U.S. F.D.A. has sought to increase the security of these devices. Previously, in St. Jude Takes Steps to Secure Vulnerable Medical Implants we covered the security surrounding St. Jude medical dev...

Read More

4 Cybersecurity Factors Every Board Member Must Consider for 2019 Planning 4 CYBERSECURITY FACTORS EVERY BOARD MEMBER MUST CONSIDER FOR 2019 PLANNING

article

Oct 05, 2018

Cybersecurity is a growing topic of discussion in Board meetings everywhere — given this fact, Board members need to be prepared to speak knowledgeably about their organization’s cybersecurity posture and programs. As businesses near the last quarter of the year and begin their planning ...

Read More

NIST Seeks Public Comment on Managing Internet of Things Cybersecurity and Privacy Risks NIST SEEKS PUBLIC COMMENT ON MANAGING INTERNET OF THINGS CYBERSECURITY AND PRIVACY RISKS

article

Oct 04, 2018

The U.S. Department of Commerce’s National Institute of Standards and Technology recently announced that it is seeking public comment on Draft NISTIR 8228, Considerations for Managing Internet of Things (“IoT”) Cybersecurity and Privacy Risks (the “Draft Report”). The d...

Read More

The Massive Data Breach Reducing Dwell Time and the Resulting Damage THE MASSIVE DATA BREACH REDUCING DWELL TIME AND THE RESULTING DAMAGE

article

Oct 04, 2018

This week we’ve seen what can happen when a major company like Facebook—or any organization for that matter—is faced with a massive data breach. They face possible loss of intellectual property and brand damage if they expose the privacy of their customers, partners, and workforce....

Read More

Cybersecurity Starts with Your Employees CYBERSECURITY STARTS WITH YOUR EMPLOYEES

article

Oct 04, 2018

We’re all familiar with Smokey the Bear and the “Only You Can Prevent Wildfires” slogan. In 2015, Smokey got an update and the new “Receive a Bear Hug” ads ran nationwide. In the ad, Smokey runs out of the woods and gives a big bearhug to a camper for properly checking ...

Read More

4 Emerging Retail Cybersecurity Threats (and How to Stop Them) 4 EMERGING RETAIL CYBERSECURITY THREATS (AND HOW TO STOP THEM)

article

Oct 02, 2018

The retail industry has always been a favorite target of cyber criminals. We all remember major data breaches like those that affected Target, TJX, and Home Depot — but the truth is that cybersecurity threats have been a daily concern of retailers for a long time. Point of Sale (POS) system ha...

Read More

Incident Response Plan: 6 Essential Steps for Responding to a Security Incident INCIDENT RESPONSE PLAN: 6 ESSENTIAL STEPS FOR RESPONDING TO A SECURITY INCIDENT

article

Sep 29, 2018

During a cybersecurity incident, security teams will face many unknowns and a frenzy of activity. In such a hectic environment, they may fail to follow proper incident response procedures to effectively limit the damage. This is important because a security incident can be a high-pressure situation,...

Read More

Excerpts from: Using the ATT&CK™ Framework to Mature Your Threat Hunting Program EXCERPTS FROM: USING THE ATT&CK™ FRAMEWORK TO MATURE YOUR THREAT HUNTING PROGRAM

article

Sep 28, 2018

Every threat hunt starts with intelligence. As one of the industry’s most comprehensive knowledge bases for adversary behavior, ATT&CK provides a structure for hunters to build their hypotheses and search for threats. Recently Carbon Black, Red Canary and MITRE teamed up for the webinar, U...

Read More

Adwind Trojan: How to Stay Safe from Malware ADWIND TROJAN: HOW TO STAY SAFE FROM MALWARE

article

Sep 26, 2018

The Adwind Trojan virus, a Remote Access Trojan (RAT), has been noticed to use antivirus software and spreadsheets programs like Excel in order to infect your computer. The virus is back with new tricks trying to bypass your antivirus software in order to infect your computer with dangerous malware....

Read More

5 Key Cybersecurity Trends – What I Learned at Exabeam Spotlight 2018 5 KEY CYBERSECURITY TRENDS – WHAT I LEARNED AT EXABEAM SPOTLIGHT 2018

article

Sep 26, 2018

Many attendees were quick to say that their organization’s data is increasingly in the cloud. While most talked about their hybrid data center strategy, the emphasis was on moving more IT resources to infrastructure-as-a-service (IaaS) providers like AWS and Azure, as well as deploying softwar...

Read More

How to Stop Cyberattacks on Your IoT Infrastructure HOW TO STOP CYBERATTACKS ON YOUR IOT INFRASTRUCTURE

article

Sep 21, 2018

In part one of our internet of things (IoT) blog series, we provided background on the tremendous growth of IoT and their innovative use cases—from alarm systems, to power grid monitoring, to devices that are combating honeybee colony collapse disorder. We also looked at the 600% increase in I...

Read More

Security Leadership Series: An Important Principle for Every Cybersecurity Leader to Remember SECURITY LEADERSHIP SERIES: AN IMPORTANT PRINCIPLE FOR EVERY CYBERSECURITY LEADER TO REMEMBER

article

Sep 20, 2018

Here’s a principle every cybersecurity leader needs to acknowledge: Cybersecurity is not the single most important element of your company’s business. In reality, most businesses exist to make money or return some form of value to their stakeholders (unless you’re a nonprofit, in w...

Read More

Battling Cyber Threats Using Next-Gen SIEM and Threat Intelligence BATTLING CYBER THREATS USING NEXT-GEN SIEM AND THREAT INTELLIGENCE

article

Sep 12, 2018

While SIEMs are central for SOC cybersecurity—collecting logs and data from multiple network sources for evaluation, analysis, and correlation of network events for threat detection—SIEMs are often not enough. With the growing sophistication of organized, modern cyber attackers and their...

Read More

How The ATT&CK™ Framework Can Mature Your Threat Hunting Program HOW THE ATT&CK™ FRAMEWORK CAN MATURE YOUR THREAT HUNTING PROGRAM

article

Sep 11, 2018

The truth about threat hunting is that it’s a process that matures with your security team. The more you learn more about the threat landscape, the more you can operationalize that knowledge. Because of this, it is important to work within a framework that can help you track the growth of your...

Read More

Why cybersecurity training is crucial for your business WHY CYBERSECURITY TRAINING IS CRUCIAL FOR YOUR BUSINESS

infographic

Sep 06, 2018

Do you know the biggest threat to your business does not need to come from outside, but from within? Internal security threats do not necessarily mean spies being sent in by your competitors to crash your business, just as we see in the movies; rather it can be your employees — the same people...

Read More

Getting Better Together in Cybersecurity GETTING BETTER TOGETHER IN CYBERSECURITY

article

Sep 06, 2018

“Determining Evil from Benign in the Normally Abnormal World of InfoSec” We cannot control our adversary. Although we can choose to control them once in our environment. We have little to no control over when the “big attack” happens. For too long I think we have focused so h...

Read More

Cybersecurity, Information Security, Network Security, Information Assurance: What’s the Difference? CYBERSECURITY, INFORMATION SECURITY, NETWORK SECURITY, INFORMATION ASSURANCE: WHAT’S THE DIFFERENCE?

article

Sep 06, 2018

As hackers, security breaches and malware attacks continue to dominate headlines, cyber crime has emerged as a global “pandemic” that last year cost people and organizations an estimated $600 billion, according to CNBC. So it’s not surprising that combating such activities has beco...

Read More

Cyber Espionage and the US Elections: What are Russian Hackers Possibly Doing and How Can They be Stopped? CYBER ESPIONAGE AND THE US ELECTIONS: WHAT ARE RUSSIAN HACKERS POSSIBLY DOING AND HOW CAN THEY BE STOPPED?

article

Aug 31, 2018

Russian meddling in the 2016 US elections and the Hillary Clinton campaign email breach came as a surprise to many (with investigations underway as to who knew what and who was involved). While the New York Times reported the Obama White House had warned the Russians about “malicious cyber act...

Read More

4 Reasons Why All Businesses Need a Password Manager 4 REASONS WHY ALL BUSINESSES NEED A PASSWORD MANAGER

article

Aug 30, 2018

Today, doing business means having dozens of online accounts and dozens (or even hundreds) of passwords. Technology helps us run our businesses more effectively, but it can also make us more vulnerable to data breaches and cyber attacks. Jungle Disk’s suite of cybersecurity products and servic...

Read More

AI and Cybersecurity: combining data with human expertise AI AND CYBERSECURITY: COMBINING DATA WITH HUMAN EXPERTISE

article

Aug 30, 2018

Artificial intelligence continues to proliferate and influence our lives. Speech recognition and image recognition rely on AI. The financial sector is moving to AI-based insurance risk analysis, credit scores and loan eligibility. We’re also seeing the emergence of AI-based robot lawyers and A...

Read More

Is Your Small Business at Risk of a Cyber Attack? IS YOUR SMALL BUSINESS AT RISK OF A CYBER ATTACK?

article

Aug 29, 2018

After reading an article in Dark Reading, I was shocked to find out that over fifty percent of small to medium sized businesses (SMB) do not think they are at risk of cyber attacks. On top of that, I found it interesting that seventy-six percent of SMBs were not using multi-factor authentication eit...

Read More

Four Fundamentals in Building a Security Stack FOUR FUNDAMENTALS IN BUILDING A SECURITY STACK

article

Aug 27, 2018

Cybersecurity is an enormous investment with even more enormous consequences for mistakes. To build an optimal security stack you need to balance residual risks with total cost of ownership of the cyber security stack and with minimal disruption to operations. Unfortunately , we have reached an impa...

Read More

Email Fraud Continues to Rise as the Number of Attacks Grew 36% in Q2 EMAIL FRAUD CONTINUES TO RISE AS THE NUMBER OF ATTACKS GREW 36% IN Q2

article

Aug 21, 2018

Email fraud continues to make headlines within the cybersecurity space and continuously reaches unprecedented levels of impact on organizations of all sizes and in all locations. In fact, the FBI recently released a new report indicating that business email compromise (BEC) and email account comprom...

Read More

Password Security : The Good, the Bad, and the “Never Should Have Happened” PASSWORD SECURITY : THE GOOD, THE BAD, AND THE “NEVER SHOULD HAVE HAPPENED”

article

Aug 16, 2018

While most organizations have a password policy that sounds technically secure, hardly any have a policy that benefits the organization, encourages strong passwords, and improves overall security. It’s time to stop requiring capital letters, numbers, special characters, and frequent password u...

Read More

The Key to EDR You Didn’t Know You Were Missing THE KEY TO EDR YOU DIDN’T KNOW YOU WERE MISSING

article

Aug 15, 2018

It’s no longer enough for companies to simply “keep up” in the world of cybersecurity. To prevent attackers from infiltrating your systems, you need to be one step ahead at all times. It’s no wonder, then, that the majority of companies are spending more on cybersecurity than...

Read More

Tanium Versus Tachyon: The Big Beasts of the Endpoint Detection and Remediation Jungle go Head-To-Head TANIUM VERSUS TACHYON: THE BIG BEASTS OF THE ENDPOINT DETECTION AND REMEDIATION JUNGLE GO HEAD-TO-HEAD

article

Aug 06, 2018

Prevention trumping cure is a such a well-polished truism it can be slightly jarring to learn that the emphasis has lately been undergoing a reversal in the realm of cybersecurity – with “cure” (or, “remediation”) taking growing precedence. Whereas previously organizati...

Read More

Using Deep Learning to Reduce the Security Risks of Unmanaged Devices USING DEEP LEARNING TO REDUCE THE SECURITY RISKS OF UNMANAGED DEVICES

article

Aug 02, 2018

Whether it’s an employee’s cell phone, a contractor’s iPad, or a virtual machine (VM) created by a compromised account for malicious purposes, any unmanaged device on your network should be considered a security risk. Whether legitimate, or unauthorized, or rogue, such unmanaged de...

Read More

A Look at Scan4You and the Counter Antivirus Service Landscape A LOOK AT SCAN4YOU AND THE COUNTER ANTIVIRUS SERVICE LANDSCAPE

article

Aug 02, 2018

The concept of antivirus (AV) scanning within IT security is simple and effective. These programs, which have become part and parcel of typical infrastructure and data protection strategies, scan enterprise networks for known malware signatures and other processes associated with suspicious hacker a...

Read More

Trojan Virus- Their Types and Methods to Remove Them TROJAN VIRUS- THEIR TYPES AND METHODS TO REMOVE THEM

article

Jul 31, 2018

A Trojan horse is a particular type of malware that is mostly disguised as authorized software. Trojans can be used by hackers and cyber-thieves trying to gain access to a user’s system. This takes place by tricking users with some form of social engineering into loading and then executing Tro...

Read More

Our Extensive Survey on IoT Cybersecurity Has Remarkable Top Consequence OUR EXTENSIVE SURVEY ON IOT CYBERSECURITY HAS REMARKABLE TOP CONSEQUENCE

article

Jul 26, 2018

Trend Micro recently conducted a global survey of IT and security decision makers. When asked about the top consequence to IoT security, many would have expected it to be data loss. However, the top consequence named with 52% of respondents was “Loss of Customer Trust.” IoT has a physica...

Read More

The Latest in Security Style Guide Happenings THE LATEST IN SECURITY STYLE GUIDE HAPPENINGS

article

Jul 25, 2018

The Bishop Fox Cybersecurity Style Guide has been constantly evolving since its initial rollout in February 2018. It’s undergone one other iteration (v1.1, which you can find here) – until now, that is. For our audience’s convenience, we decided to create a digital version of the s...

Read More

TWO MAJOR REASONS WE’RE FAILING AT CYBERSECURITY TWO MAJOR REASONS WE’RE FAILING AT CYBERSECURITY

article

Jul 25, 2018

You use email constantly. It’s the lifeblood of communication, commerce and exchange of ideas across your organization. Imagine trying to do your job in 2018 without it. It’s impossible, isn’t it? It’s just supposed to work, and when it doesn’t, everything you do comes ...

Read More

How Panaseer is Leading the Way in Cyber Hygiene for Enterprise Security HOW PANASEER IS LEADING THE WAY IN CYBER HYGIENE FOR ENTERPRISE SECURITY

article

Jul 25, 2018

The recent data breaches at Equifax, Uber, Deloitte and Yahoo, are an indication of the ever-growing sophistication of hackers and cyberattacks. If this trend continues, breaches could be bigger, hackers smarter, and security teams more vulnerable. Prevention is better than cure. Defining and implem...

Read More

The Internet of Things era: 6 ways to stay safe THE INTERNET OF THINGS ERA: 6 WAYS TO STAY SAFE

article

Jul 14, 2018

In the recent times, we get to hear stories of online criminals spying on people through baby monitors, failing of smart locks after a software update, personal information theft through webcams and stalkers effortlessly preying on their victims with the help of spyware. In simple, security breaches...

Read More

Employee Security Awareness Training – Management Side EMPLOYEE SECURITY AWARENESS TRAINING – MANAGEMENT SIDE

article

Jul 09, 2018

As many organizations have learned to their regret, a policy for cybersecurity – however comprehensive, proactive, and technologically sound it may be – is doomed to failure if its terms aren’t adhered to by stakeholders of the enterprise, across the board. This emphasizes the need...

Read More

Breaches of Wellington’s utility department affects residents BREACHES OF WELLINGTON’S UTILITY DEPARTMENT AFFECTS RESIDENTS

article

Jul 03, 2018

Investigation of the breach. Residents were informed that utility bills paid by credit card between July 2017 and February 2018 could be at risk, with customer names, credit card numbers, and expiration dates potentially exposed. The breach forced Wellington to shut down its payment portal and launc...

Read More

Assessing Microsoft 365 security solutions using the NIST Cybersecurity Framework ASSESSING MICROSOFT 365 SECURITY SOLUTIONS USING THE NIST CYBERSECURITY FRAMEWORK

article

Jul 02, 2018

Microsoft 365 security solutions align to many cybersecurity protection standards. One widely-adopted standard is the National Institute of Standards and Technology Cybersecurity Framework (NIST CSF). Developed for the US government, NIST CSF is now also used by governments and enterprises worldwide...

Read More

Cybersecurity concerns ground drones in the military CYBERSECURITY CONCERNS GROUND DRONES IN THE MILITARY

article

Jul 02, 2018

The Department of Defense (DoD) has temporarily banned the purchase and use of commercial off-the-shelf drones because of cybersecurity risks. The Pentagon needs to plan to patch the cybersecurity vulnerabilities in unmanned aerial systems (UAS) and mitigate security risks before the ban is lifted. ...

Read More

Employee negligence named as biggest cybersecurity risk to US businesses EMPLOYEE NEGLIGENCE NAMED AS BIGGEST CYBERSECURITY RISK TO US BUSINESSES

article

Jun 29, 2018

New research from Shred-it’s 2018 State of the Industry Report has revealed that 84% of C-suites and 51% of small business owners have named employee negligence as one of the biggest information security risks to US businesses. Employee negligence was named as a top data breach concern. Key fi...

Read More

Reintroducing the Cybersecurity Style Guide: V1.1 REINTRODUCING THE CYBERSECURITY STYLE GUIDE: V1.1

article

Jun 27, 2018

It’s been four months since we released Version 1 of the Style Guide to the public, and the response has been incredible. From the moment we published V1, we’ve continued to improve the guide internally. Through daily editorial work and engaging with users like you, we’ve expunged ...

Read More

5 Examples of Data & Information Misuse 5 EXAMPLES OF DATA & INFORMATION MISUSE

article

Jun 25, 2018

What is Data Misuse? Data misuse is the inappropriate use of data as defined when the data was initially collected. Misuse of information typically can be governed by laws and corporate cybersecurity policy. However, even with laws and policies in place, the potential for data misuse is growing. The...

Read More

Multiple data breaches at Dignity Health affect 60K+ MULTIPLE DATA BREACHES AT DIGNITY HEALTH AFFECT 60K+

article

Jun 25, 2018

On May 31, 2018, San Francisco-based Dignity Health reported a data breach affecting almost 56,000 patients to the Department of Health and Human Services (HHS). This was the third-largest data breach reported in May. Cause of breach. Due to an email sorting error by Dignity’s scheduling vendo...

Read More

How to Confront an Insider Threat HOW TO CONFRONT AN INSIDER THREAT

article

Jun 22, 2018

So, you’ve successfully detected, and then investigated a potential insider threat. You’ve learned a great deal about that user (be it an employee or a third-party contractor), including who they are, what happened, when, where, and also why, thanks to the visibility given to you by your...

Read More

What’s causing the cyber-security skills gap? WHAT’S CAUSING THE CYBER-SECURITY SKILLS GAP?

article

Jun 21, 2018

The proliferation of next-gen technology into mainstream society has been a boon for consumers, entrepreneurs, and business owners alike. Between the rise of mobile computing, the Internet of Things (IoT), and modern social media, our society is more connected than ever before. But all of this techn...

Read More

Why is the Lucrative Cybersecurity Field still Struggling to Hook Prospective Practitioners? WHY IS THE LUCRATIVE CYBERSECURITY FIELD STILL STRUGGLING TO HOOK PROSPECTIVE PRACTITIONERS?

article

Jun 20, 2018

The belief that the field of cybersecurity offers individuals job security and above average pay has become generally accepted in today’s interconnected world. These beliefs are bolstered by hard facts, such as those presented in ISACA’s annual State of Cybersecurity research, which reve...

Read More

3 Reasons to Supplement a DLP with Insider Threat Management 3 REASONS TO SUPPLEMENT A DLP WITH INSIDER THREAT MANAGEMENT

article

Jun 19, 2018

Many organizations spend years investing significant resources into data loss prevention (DLP) tools designed to identify, classify, and monitor data, in an effort to prevent data exfiltration. Unfortunately, DLP tools alone aren’t stemming the consistent rise of insider threat-related inciden...

Read More

How are contractors being evaluated on their DFARS cybersecurity measures? HOW ARE CONTRACTORS BEING EVALUATED ON THEIR DFARS CYBERSECURITY MEASURES?

article

Jun 19, 2018

The deadline for complying with the Defense Federal Acquisition Regulation Supplement (DFARS) was December 31, 2017. However, contractors struggled to understand what the information security requirements actually meant. In response, the Department of Defense (DoD) provided guidance for “procu...

Read More

ISACA: Smart cities need to be made more secure ISACA: SMART CITIES NEED TO BE MADE MORE SECURE

article

Jun 15, 2018

Urban life is increasingly dictated by technology, but organizations aren’t doing enough to mitigate the risks that come with that, according to an ISACA® report. The survey of 2,000 cybersecurity professionals from across the globe focused on the challenges and opportunities of smart citi...

Read More

DoD predicts cost of fixing cyber vulnerabilities will surpass $250 million DOD PREDICTS COST OF FIXING CYBER VULNERABILITIES WILL SURPASS $250 MILLION

article

Jun 15, 2018

The rise of the Internet of Things (IoT) has increased the need for the Department of Defense (DoD) to strengthen its cybersecurity defenses – something already long overdue. The DoD estimates that it may have to spend more than $250 million over the next four years to mitigate existing vulner...

Read More

Coachable Moments: Insider Threats, Cloud Storage, & Working Remotely COACHABLE MOMENTS: INSIDER THREATS, CLOUD STORAGE, & WORKING REMOTELY

article

Jun 13, 2018

Insider threat management is about much more than ensuring you have the right technologies in place. It’s about the right mix of People, Processes, and Technology. Since people are at the center of all insider threats, having a strategy for ongoing cybersecurity awareness coaching and training...

Read More

Proposed SHIELD Act gains organizations’ support PROPOSED SHIELD ACT GAINS ORGANIZATIONS’ SUPPORT

article

Jun 13, 2018

The Stop Hacks and Improve Electronic Data Security (SHIELD) Act was introduced in November 2017 in response to the increasing number of data breaches and addresses major gaps in New York’s cybersecurity regulations. The SHIELD Act will impose fines of up to $5,000 per violation or $20 per ins...

Read More

Cybersecurity drills begin in NY CYBERSECURITY DRILLS BEGIN IN NY

article

Jun 12, 2018

Just months after the Facebook and Cambridge Analytica incident, in which users’ personal data was used to help Donald Trump’s election campaign, New York officials are conducting cybersecurity drills to test the state’s election system for vulnerabilities. About the cybersecurity ...

Read More

Tips for safe summer travels: your cybersecurity checklist TIPS FOR SAFE SUMMER TRAVELS: YOUR CYBERSECURITY CHECKLIST

article

Jun 08, 2018

Summer is just around the corner in the Northern Hemisphere, and with it comes vacation plans for many. Those looking to take some time away from work and home are likely making plans to secure their home, have their pets taken care of, and tie up loose ends at work. But how about securing your devi...

Read More

The Insider Threat Level: GDPR Total Recall, The CIA Hoarder, and At-Risk Agencies THE INSIDER THREAT LEVEL: GDPR TOTAL RECALL, THE CIA HOARDER, AND AT-RISK AGENCIES

article

Jun 08, 2018

The Insider Threat Level series is here to keep you up-to-speed on the numerous examples of insider threat incidents, trends, and best practices caught in the news, so you can be more prepared for anything coming your way. This week, we’re taking a look at: an EU data leak that brings up fond ...

Read More

Concerns arise as South Carolina Passes the Insurance Industry’s first Cybersecurity Law CONCERNS ARISE AS SOUTH CAROLINA PASSES THE INSURANCE INDUSTRY’S FIRST CYBERSECURITY LAW

article

Jun 06, 2018

In May 2018, South Carolina became the first state to pass a cybersecurity insurance bill requiring insurers to establish and implement a cybersecurity program protecting companies and consumers from a data breach. The law created rules for South Carolina insurers, agents, and other licensed entitie...

Read More

Form Follows Function: Why it is Important to Find Balance in Cybersecurity FORM FOLLOWS FUNCTION: WHY IT IS IMPORTANT TO FIND BALANCE IN CYBERSECURITY

article

Jun 05, 2018

What is balance? I often hear people talking about finding it, as though it were some object sitting on a shelf in a store. “There isn’t enough time in the day to do what I need to do,” or “I’ll get more sleep once I’m less busy” are common things that peopl...

Read More

Cyber insurance is booming, but it won’t protect you from GDPR fines CYBER INSURANCE IS BOOMING, BUT IT WON’T PROTECT YOU FROM GDPR FINES

article

Jun 04, 2018

The US is one of the biggest markets for cyber insurance, but you won’t be able to take out a policy protecting you from fines for breaches of the EU General Data Protection Regulation (GDPR). The law, which strengthens EU residents’ rights relating to their personal data, applies to all...

Read More

The Truth is Out There, but the Threat Is Already Inside THE TRUTH IS OUT THERE, BUT THE THREAT IS ALREADY INSIDE

article

Jun 01, 2018

Despite what you may have heard, not all cybersecurity threats come from outside the firewall or beyond your building’s walls. Though we may “want to believe,” there are numerous opportunities for your employees or contractors to cause damage from within. These insider threats can ...

Read More

90% of employees risk data breaches when using removable devices 90% OF EMPLOYEES RISK DATA BREACHES WHEN USING REMOVABLE DEVICES

article

May 29, 2018

A new study has found that 90% of employees regularly transferred company data onto unencrypted and unauthorized USB devices, putting that information at risk of data breaches. Dtex Systems’ report analyzed anonymous records of organizations across North and South America, Europe, and the Asia...

Read More

Google will soon provide cybersecurity tools for upcoming election events GOOGLE WILL SOON PROVIDE CYBERSECURITY TOOLS FOR UPCOMING ELECTION EVENTS

article

May 25, 2018

After the 2016 presidential election was targeted by (purportedly Russian) criminal hackers, state and election officials are wary of further cyberattacks on this year’s midterm elections. On May 1, an election results website went down during midterm primaries in Knox County, Tennessee follow...

Read More

Don’t fall into these hidden GDPR pitfalls DON’T FALL INTO THESE HIDDEN GDPR PITFALLS

article

May 22, 2018

With just weeks ahead of us, US companies are still unprepared for the EU’s General Data Protection Regulation (GDPR), according to Melissa – a global contact data quality and identity verification solutions provider. A survey conducted by NAPCO Research and Melissa requested feedback fr...

Read More

10 Tips to Reduce Common Vulnerabilities Exploited by Cybercriminals 10 TIPS TO REDUCE COMMON VULNERABILITIES EXPLOITED BY CYBERCRIMINALS

article

May 21, 2018

While it seems that today’s cybercriminals have a myriad of tricks and techniques at the ready to gain access to your network, the reality is that they are typically taking advantage of common vulnerabilities – such as unpatched software or default passwords – time and time again. ...

Read More

The Primary Factors Motivating Insider Threats THE PRIMARY FACTORS MOTIVATING INSIDER THREATS

article

May 21, 2018

There was once a time when the risk of an “insider threat” incident was relatively unknown, or simply not considered likely, within an organization. That time has quickly come and gone. With the rise in publicly-disclosed systems breaches and data leaks, along with the steady stream of s...

Read More

How to write a GDPR privacy notice HOW TO WRITE A GDPR PRIVACY NOTICE

article

May 21, 2018

If you’re just beginning your EU General Data Protection Regulation (GDPR)compliance journey, it’s unlikely you will be fully compliant by the time the Regulation is enforced on May 25, 2018. An integral part of your GDPR compliance project should be producing appropriate documentation, ...

Read More

Security Partnerships are Key to Increased Cybersecurity Maturity SECURITY PARTNERSHIPS ARE KEY TO INCREASED CYBERSECURITY MATURITY

article

May 17, 2018

Strong security partnerships will be key to a safer region as cybercriminals increasingly seek to compromise the growing digital infrastructure in META. The META region continues to be right at the forefront when it comes to developing and implementing technologies that are helping to shape the worl...

Read More

4 Ways to Defend Against Pretexting Scams 4 WAYS TO DEFEND AGAINST PRETEXTING SCAMS

article

May 16, 2018

Contrary to belief, insider threats are not always employees looking to steal company data and information with malicious intent. Many instances of data exfiltration at the hands of insiders are the result of simple mistakes, such as responding to a pretexting email. These unintentional insider thre...

Read More

NIST seeks feedback on its updated Risk Management Framework NIST SEEKS FEEDBACK ON ITS UPDATED RISK MANAGEMENT FRAMEWORK

article

May 16, 2018

The National Institute of Standards and Technology (NIST) has released a draft of its update to the Risk Management Framework (RMF), designed to help federal agencies and companies safeguard their information systems from cyber threats. The update will help organizations respond appropriately to pri...

Read More

What’s the Difference between a Penetration Test and a Vulnerability Assessment? WHAT’S THE DIFFERENCE BETWEEN A PENETRATION TEST AND A VULNERABILITY ASSESSMENT?

article

May 14, 2018

In the world of cybersecurity, nothing is static. The cyber threat environment is dynamic and evolving. There are new vulnerabilities discovered on a daily basis. Attacks are getting more sophisticated – they’re getting more complex and flying under the radar of traditional detection tec...

Read More

GDPR: 3 Ways to Protect Employees & Decrease Insider Threat Risk GDPR: 3 WAYS TO PROTECT EMPLOYEES & DECREASE INSIDER THREAT RISK

article

May 11, 2018

It might not seem like it, thanks to the added work it has created for organizations inside and outside of the EU, but the new GDPR compliance regulations were designed with the benefit of people in mind. The goal: “to protect all EU citizens from privacy and data breaches in an increasingly d...

Read More

NIST and automotive industry collaborate on new cybersecurity guidelines NIST AND AUTOMOTIVE INDUSTRY COLLABORATE ON NEW CYBERSECURITY GUIDELINES

article

May 09, 2018

Cybersecurity threats are on the rise. In response, the Automotive Industry Action Group (AIAG) has released the Cyber Security 3rd Party Information Security publication, which details cybersecurity guidelines for the automotive industry. The idea for the guidelines came about when a manufacturer a...

Read More

When should an organization report a data breach? WHEN SHOULD AN ORGANIZATION REPORT A DATA BREACH?

article

Apr 27, 2018

From May 25, 2018, compliance with the EU General Data Protection Regulation(GDPR) will be mandatory for organizations that process EU residents’ personal information. The Regulation joins a number of US federal and state laws that hold organizations accountable for mitigating and managing inf...

Read More

5 ways to improve your information security 5 WAYS TO IMPROVE YOUR INFORMATION SECURITY

article

Apr 25, 2018

Organizations are always looking for ways to improve their security posture, but the process is often frustrating. As soon as they secure one weakness, cyber criminals find another one. But if you take a step back, you’ll notice that, as much as cyber criminals’ tactics evolve, they alwa...

Read More

NIST releases updated version of the Cybersecurity Framework NIST RELEASES UPDATED VERSION OF THE CYBERSECURITY FRAMEWORK

article

Apr 24, 2018

After circulating a draft in December and accepting feedback, on April 16, 2018, the US Department of Commerce’s National Institute of Standards and Technology (NIST) released version 1.1 of its Cybersecurity Framework (CSF). Formally titled “Framework for Improving Critical Infrastructu...

Read More

Cybersecurity Metrics Your Board of Directors Should Care About & Why CYBERSECURITY METRICS YOUR BOARD OF DIRECTORS SHOULD CARE ABOUT & WHY

article

Apr 23, 2018

Businesses today are going through an incredible digital transformation – moving to the cloud, embracing the Internet of Things (IoT), implementing automation, etc. – all at a lightning fast pace. This is opening them up to new and expanding cybersecurity threats that are difficult to ma...

Read More

Cybersecurity of smart medical devices, hospital networks is top priority for the FDA CYBERSECURITY OF SMART MEDICAL DEVICES, HOSPITAL NETWORKS IS TOP PRIORITY FOR THE FDA

article

Apr 20, 2018

Securing medical devices is a top priority after countless vulnerabilities have been detected in connected medical devices and hospital infrastructures. Not only are hospital networks exposed to remote hacker attacks and security breaches, but they also struggle with insider threats and major errors...

Read More

Women Underrepresented at RSAC - Let WOMEN UNDERREPRESENTED AT RSAC - LET'S DO SOMETHING ABOUT IT

article

Apr 20, 2018

Although I’m excited to be at the RSA Conference with my Morphisec colleagues, it reminds me of the impetus for starting our Women in Cybersecurity Scholarship. Of 28 keynote speakers at RSAC, only seven are women, and six of these were added at the last minute following a string of scathing t...

Read More

THREAT INTELLIGENCE BRIEF: APRIL 18, 2018 THREAT INTELLIGENCE BRIEF: APRIL 18, 2018

article

Apr 18, 2018

“Great Western Railway urges online customers to update passwords after cyber-attack. The firm said hackers used an automated system to gain access to 1,000 customer accounts on its website and is taking action. While only a very small number of accounts have been affected by the attack, cyber...

Read More

Securing Your Organization SECURING YOUR ORGANIZATION'S HUMAN LAYER

article

Apr 18, 2018

In my time in the trenches, and in my previous role as a Gartner research analyst and industry advisor, I spent a LOT of time helping organizations across the world think through their cybersecurity programs. Much of this time was thinking through the defensive measures and how technology can assist...

Read More

New York City to offer free cybersecurity tools to deter criminal hackers NEW YORK CITY TO OFFER FREE CYBERSECURITY TOOLS TO DETER CRIMINAL HACKERS

article

Apr 17, 2018

New York Mayor Bill de Blasio recently announced that, in an effort to improve cybersecurity, the city will be offering a free mobile app that warns users when suspicious activity is detected on their devices. The program, NYC Secure, is a pioneering cybersecurity initiative protecting New Yorkers o...

Read More

Cyber-nationalism in Cybersecurity Standards CYBER-NATIONALISM IN CYBERSECURITY STANDARDS

article

Apr 16, 2018

There are a variety of global standards that have been created to provide guidance to Industrial Control System (ICS) vendors and end users attempting to secure systems. Examples include ISA/IEC 62443, and ISO/IEC 15408. Many countries are utilizing these globally accepted standards to define ICS cy...

Read More

Securing Critical Infrastructure in the Wake of Unprecedented Cyber Threats SECURING CRITICAL INFRASTRUCTURE IN THE WAKE OF UNPRECEDENTED CYBER THREATS

article

Apr 11, 2018

Last year saw a worrying trend in the cybersecurity attack arena as critical infrastructure came under fire, with many suggesting in 2018 these attacks could escalate. Various defense departments warned of nation-state campaigns targeting operational technology (OT) within the energy sector and nucl...

Read More

How blockchain could solve the internet privacy problem HOW BLOCKCHAIN COULD SOLVE THE INTERNET PRIVACY PROBLEM

article

Apr 09, 2018

Blockchain, with its encrypted and immutable record, will eventually be used create universal digital identities, filled with information that only we will control and that will link back to the issuing banks, governments or even employers. Fintech firms, software makers, telecom providers and other...

Read More

Crossing the watershed – digital skills crises will soon be history CROSSING THE WATERSHED – DIGITAL SKILLS CRISES WILL SOON BE HISTORY

article

Apr 04, 2018

There is no shortage of talent, only of employers who train that talent. Thirty years ago it took around 18 months turn a University Graduate into a competent analyst programmer. During that second year about 30% left for more money. Hence the reluctance to train and sporadic skills “crises&ld...

Read More

IBM X-Force Report: Fewer Records Breached in 2017 IBM X-FORCE REPORT: FEWER RECORDS BREACHED IN 2017

article

Apr 04, 2018

The 2018 IBM X-Force Threat Intelligence Index has found the number of records breached dropped nearly 25 percent in 2017, as cybercriminals shifted their focus on launching ransomware and destructive attacks that lock or destruct data unless the victim pays a ransom. Last year, more than 2.9 billio...

Read More

Annual Cybersecurity Report: Impacts on Government ANNUAL CYBERSECURITY REPORT: IMPACTS ON GOVERNMENT

article

Apr 03, 2018

In our just released 2018 Annual Cybersecurity Report: Impacts on Government, we found that cyber attacks against agencies across the U.S. are increasing every day. From ransomware and distributed denial of service (DDoS) to IoT botnets and cryptojacking, the mix of threats are also becoming more le...

Read More

Protective Layers – Cybersecurity for Healthcare PROTECTIVE LAYERS – CYBERSECURITY FOR HEALTHCARE

article

Apr 03, 2018

Layered defense is key to a successful Cybersecurity Strategy in Healthcare which starts with endpoint management. The number of internet connected (IoT) devices is exploding. In a healthcare setting, these “endpoint” devices not only provide significant new opportunities for improving p...

Read More

What Changes Q1 Brought to Cybersecurity WHAT CHANGES Q1 BROUGHT TO CYBERSECURITY

article

Apr 02, 2018

So far, 2018 has brought a number of new trends to the cybersecurity space, some of which were predicted correctly and some were not. Mari Galloway, director of finance and communications at the Women's Society of Cyberjutsu looked at what Q1 brought us. The first quarter of 2018, what an intere...

Read More

OPM tells agencies how to respond to cyber workforce needs OPM TELLS AGENCIES HOW TO RESPOND TO CYBER WORKFORCE NEEDS

article

Apr 02, 2018

The Office of Personnel Management released updated guidance to help agencies identify and address critical cybersecurity workforce needs. The document sets out a series of timelines detailing how agencies should identify and classify high-value IT and cybersecurity positions before developing actio...

Read More

State of Software Security: Checking the Pulse of the Healthcare Industry STATE OF SOFTWARE SECURITY: CHECKING THE PULSE OF THE HEALTHCARE INDUSTRY

article

Mar 30, 2018

Over the past year, our scans of thousands of applications and billions of lines of code found a widespread weakness in applications, which is a top target of cyber attackers. And when you zoom in from a big picture view down to a micro-level, there are a few industries that are struggling to keep u...

Read More

Healthcare Cybersecurity Vulnerabilities HEALTHCARE CYBERSECURITY VULNERABILITIES

article

Mar 29, 2018

Do you know where your healthcare system is vulnerable? As new technology and innovation continue to emerge in healthcare, vulnerabilities aren’t falling behind and pop up everywhere. So, what can you do? To protect your organizations, first of all, you need to be aware of the most vulnerable ...

Read More

NIST Cybersecurity Framework Series Part 3: Detect NIST CYBERSECURITY FRAMEWORK SERIES PART 3: DETECT

article

Mar 28, 2018

Enterprise chief information security officers have their work cut out for them in the current threat landscape. As attack and infection strategies become more complex and difficult to predict, the business’s CISO must ensure that the organization’s most critical information assets and t...

Read More

Push for Progress: Empowering Women in Cybersecurity With Voice, Vision and Innovation PUSH FOR PROGRESS: EMPOWERING WOMEN IN CYBERSECURITY WITH VOICE, VISION AND INNOVATION

article

Mar 27, 2018

International Women’s Day has come and gone, but that doesn’t mean the push for progress is over. All across the world — in industries far and wide — women were celebrated for their accomplishments on March 8. Here at IBM, women were asked to submit a video or photo to demons...

Read More

Strengthen Cybersecurity Through a United Industry STRENGTHEN CYBERSECURITY THROUGH A UNITED INDUSTRY

article

Mar 23, 2018

Every process requires detail, precision and collaboration. If all of the components of the process aren’t working together, it fails. And that can result in catastrophe. As an example, let’s consider a relatively simple machine and one of its primary components: the bicycle and, more sp...

Read More

A preview of the new NIST Cybersecurity Framework A PREVIEW OF THE NEW NIST CYBERSECURITY FRAMEWORK

article

Mar 23, 2018

The NIST Cybersecurity Framework has become the de facto set of guidelines for critical infrastructure organizations to assess information security risk and implement adequate cybersecurity measures to manage risk, while protecting consumer privacy. Since being published in February 2014, the framew...

Read More

Did Microsoft admit that Surface Pro 4 Flickergate is a hardware problem? DID MICROSOFT ADMIT THAT SURFACE PRO 4 FLICKERGATE IS A HARDWARE PROBLEM?

article

Mar 21, 2018

The infamous problem with screen flicker and shaking on the Surface Pro 4 – a problem so ubiquitous it spawned the flickergate.com web site – may be nearing a resolution. Finally. I’ve been talking about the Surface Pro 4 flickering and shaking problem since October 2015. In April ...

Read More

STOP. THINK. CONNECT.™ Partnership for Systemwide Information Security Awareness STOP. THINK. CONNECT.™ PARTNERSHIP FOR SYSTEMWIDE INFORMATION SECURITY AWARENESS

article

Mar 21, 2018

By becoming a STOP. THINK. CONNECT.™ partner, UC joined more than 700 organizations worldwide making a difference in online safety and cybersecurity. Several UC locations, as well as the systemwide Information Security Awareness Workgroup, were already using STOP. THINK. CONNECT.™ resour...

Read More

How to Get Vital Cybersecurity Messages to Resonate in Higher Ed HOW TO GET VITAL CYBERSECURITY MESSAGES TO RESONATE IN HIGHER ED

article

Mar 20, 2018

Higher education IT professionals want — and need — to keep students informed about cybersecurity breaches and loss prevention, but the message may not be getting through, according to a CDW survey of 250 IT staff and 300 students. Here’s one example of the disconnect: 82 percent o...

Read More

8 questions to ask about your industrial control systems security 8 QUESTIONS TO ASK ABOUT YOUR INDUSTRIAL CONTROL SYSTEMS SECURITY

article

Mar 19, 2018

A recent incident where a likely nation-state threat actor inadvertently shut down a critical infrastructure facility in the Middle East when testing new malware has stoked widespread concerns about the vulnerability of industrial control systems (ICSs) to new cyberthreats. Many security experts see...

Read More

The Trends Are In: Cisco’s 2018 Cybersecurity Report THE TRENDS ARE IN: CISCO’S 2018 CYBERSECURITY REPORT

article

Mar 07, 2018

Recently, Cisco published the 2018 Annual Cybersecurity Report providing analysis and insights on the latest security trends and threats across the industry. John N. Stewart, Cisco’s Senior Vice President, Chief Security and Trust Officer captured the highlights in his latest blog, but I wante...

Read More

CRYPTOMINING GOLD RUSH ONE GANG RAKES IN $7M OVER 6 MONTHS CRYPTOMINING GOLD RUSH ONE GANG RAKES IN $7M OVER 6 MONTHS

article

Mar 05, 2018

The bloom is on the criminal cryptomining of computer resources and the reason is obvious – it’s lucrative. One cryptomining gang tracked by researchers over the past six months minted $7 million with the help of 10,000 computers infected with mining malware. The rise of malicious crypto...

Read More

Web-based attacks still reign supreme according to the EU Cybersecurity Agency WEB-BASED ATTACKS STILL REIGN SUPREME ACCORDING TO THE EU CYBERSECURITY AGENCY

article

Mar 02, 2018

Web-based attacks and malware do not just hold the cybercrime crown, but they’re on the rise — that’s according to the latest Threat Landscape Report by the EU Agency for Network and Information Security (ENISA). In its sixth annual report, ENISA also reported that in 2017 attacker...

Read More

Breach Costs Equifax $275 Million Dollars BREACH COSTS EQUIFAX $275 MILLION DOLLARS

article

Mar 02, 2018

March 2, 2018 — Equifax Inc said today that it expects $275 million in costs in 2018 related to the credit reporting company’s massive data breach last year, offset by $75 million in insurance proceeds. The costs mainly reflect technology and data security upgrades, legal fees, and the o...

Read More

U.S. cybersecurity threat risk remains high -- no signs of lessening U.S. CYBERSECURITY THREAT RISK REMAINS HIGH -- NO SIGNS OF LESSENING

article

Feb 27, 2018

The United States’ cybersecurity in both the public and private sectors is at continual risk, according to Director of National Intelligence (DNI) Daniel R. Coats. And the country should expect attacks from both nation state and non-state actors. Furthermore, the “potential for surprise&...

Read More

What’s shaping cybersecurity in 2018? WHAT’S SHAPING CYBERSECURITY IN 2018?

article

Feb 09, 2018

This year Cisco hosted the first CISO Experience at Cisco Live Barcelona, on 29 and 30 January. The event attracted over 60 Chief Information Security Officers (CISOs) and other senior security leaders, who discussed the topics that are shaping cybersecurity in 2018. In this first blog of the CISO E...

Read More

Five cybersecurity threats to keep on your radar in 2018 FIVE CYBERSECURITY THREATS TO KEEP ON YOUR RADAR IN 2018

article

Jan 29, 2018

Criminal hackers are finding increasingly sophisticated ways to infiltrate cyber targets. In 2018, organizations can expect even more menacing, intense cyber attacks as threat actors seek new ways to target victims. Here are five cybersecurity threats to look out for. The IoT is becoming more widesp...

Read More

SECURITY TRENDS 2018: THE TOP CYBERSECURITY COMPANIES SECURITY TRENDS 2018: THE TOP CYBERSECURITY COMPANIES

article

Jan 29, 2018

What makes a cybersecurity company the best?” is not an easy question to answer. It’s tough to identify the top cybersecurity companies when they aren’t going around telling consumers how many infections they missed or advertising how many breaches they allowed. There are dozens of...

Read More

In the United States will Create a Government Agency for Cybersecurity IN THE UNITED STATES WILL CREATE A GOVERNMENT AGENCY FOR CYBERSECURITY

article

Jan 29, 2018

The US House of Representatives passed a bill to establish an agency for cybersecurity and infrastructure security. The project was developed within 5 months and was supported by the majority of members of the House of Representatives. The creation of a new agency involves the reorganization of a nu...

Read More

Small Businesses - Big Targets for Cyberattacks SMALL BUSINESSES - BIG TARGETS FOR CYBERATTACKS

article

Jan 24, 2018

Cybersecurity has become a complex undertaking, but too many small businesses have fallen so far behind the curve that a successful attack could seriously impact them. That level of cyber risk reflects the exposure of modern businesses to email security issues that still mean an entire company can b...

Read More

Top 10 Cybersecurity Tips for Businesses in 2018 TOP 10 CYBERSECURITY TIPS FOR BUSINESSES IN 2018

article

Jan 12, 2018

While your people are without a doubt the power behind your business, they can also be a weakness when it comes to cybersecurity. Organizations must protect against all types of threats – internal and external – and, the first step to doing this is understanding the basics of cybersecuri...

Read More

5 Cybersecurity Challenges and Trends: What to Expect in 2018 5 CYBERSECURITY CHALLENGES AND TRENDS: WHAT TO EXPECT IN 2018

article

Jan 10, 2018

Cybercriminals are going to create 3.5 million new, unfilled cybersecurity jobs by 2021. Compare that with one million openings in 2016. That’s an increase of 350 percent in just five years. And with that increase comes some serious cybersecurity revenue dedication. Everywhere, businesses are ...

Read More

Top Cybersecurity Blog Posts From 2016 TOP CYBERSECURITY BLOG POSTS FROM 2016

article

Jan 08, 2017

What cybersecurity blog posts were most popular in calendar year 2016? The numbers don’t lie, and the metrics tell us what readers liked, and shared, and commented on, and viewed the most in the past year. As cybercrime and other online disruptions soared in 2016, it was another record-breakin...

Read More

Cybersecurity Today Heads to the Future CYBERSECURITY TODAY HEADS TO THE FUTURE

article

Jun 02, 2016

New cyberthreats are introduced every day at an increasingly rapid pace. Fortunately, for every new threat that’s introduced, someone, somewhere, has figured out how to remediate it and blogged about it. The problem? With over 2.5 quintillion bytes of data being produced around the world daily...

Read More

Series B Funding Round Validates Morphisec’s Groundbreaking Cybersecurity Technology SERIES B FUNDING ROUND VALIDATES MORPHISEC’S GROUNDBREAKING CYBERSECURITY TECHNOLOGY

article

When we founded Morphisec in 2014, it arose from the observation that too many endpoint protection solutions followed the same old paradigm, even if they were using more technologically sophisticated methods. We believed a fundamentally new approach was needed, one that looked from the point of view...

Read More

The Top 18 Security Predictions for 2018 THE TOP 18 SECURITY PREDICTIONS FOR 2018

article

What will happen in cyberspace in 2018? How will technology impact the real world over the next year? Once again, the cybersecurity industry is full of security predictions, cybersecurity trend reports, cyber forecasts, IT security analysis and red-hot security examples to allow everyone to try to c...

Read More

Craig Carpenter Quoted on New Cybersecurity Rules in Financial Industry CRAIG CARPENTER QUOTED ON NEW CYBERSECURITY RULES IN FINANCIAL INDUSTRY

article

Craig Carpenter was quoted in a Bloomberg BNA Banking Daily article discussing the New York Department of Financial Services’ potential new cybersecurity reporting requirements. In the article, Craig states that “many of the issues raised in the DFS letter, such as requiring a written cy...

Read More



SPOTLIGHT

The risk of high impact cyber-related breaches continues to be high on the agenda of organisations working across the financial services sector. The FCA’s recent publication of findings from a report on Cyber and Technology Resilience, has communicated a warning that there is “no immedia

RESOURCES