Stay Ahead of Cybersecurity Breaches and Off the Media's Radar

KEVIN VILLANUEVA, TROY HAWES | April 26, 2016

article image
Cybersecurity risk may make headlines, but compliance and operational risk are everyday challenges for organizations across industries. Still, look at risk closely and you’ll see it isn’t always a liability: Used well, it can be an asset too. For four weeks, we’re presenting a series of articles and resources to help you manage risk and apply it to your advantage.

Spotlight

RAZORTHORN

Take Total-Control of your Cyber Presence Razorthorn Ltd is a dedicated Information Security and Cyber Intelligence consultancy with an international presence that helps its clients to take an integrated approach to Information security and Cyber intelligence ensuring the main pillars of People, Process and Technology are always included in the information life-cycle. Our belief in quality and discretion drives everything, resulting in satisfied, long term clients.

OTHER ARTICLES

Wormable, Unpatched Microsoft Bug Threatens Corporate LANs

Article | March 11, 2020

Microsoft is warning on a wormable, unpatched remote code-execution vulnerability in the Microsoft Server Message Block protocol – the same protocol that was targeted by the infamous WannaCry ransomware in 2017.The critical bug (CVE-2020-0796) affects Windows 10 and Windows Server 2019, and was not included in Microsoft’s Patch Tuesday release this week. The bug can be found in version 3.1.1 of Microsoft’s SMB file-sharing system. SMB allows multiple clients to access shared folders and can provide a rich playground for malware when it comes to lateral movement and client-to-client infection. This was played out in version 1 of SMB back in 2017, when the WannaCry ransomware used the NSA-developed EternalBlue SMB exploit to self-propagate rapidly around the world.

Read More

DOCUMENT PROOFREADING AND EDITING SERVICES FOR YOUR CYBERSECURITY POLICY

Article | June 14, 2021

Recent data breaches, ransomware, and malware trends have increased the need to protect customer privacy. Regardless of company size or industry, you need a cybersecurity policy to ensure cybersecurity best practices in your organization. A cybersecurity policy contains preventive measures that protect your network from cybercriminals. To ensure that your cybersecurity policy is easy to read, understand, and implement, you need cybersecurity policy document proofreading and editing services. Your cybersecurity policy spells out cybersecurity dos and don’ts drafted from industry and state regulations that your employees should follow. It states the instructions your employees should follow to prevent cyberattacks and how they should react when they notice a network security breach. This protects data, promotes customer privacy, and prevents cyber-attacks. In this article, we spell out why you need cybersecurity proofreading and editing services.

Read More

Authentication and Passwords Concerns Top New Ponemon Institute Report

Article | February 20, 2020

IT security practitioners are aware of good habits when it comes to strong authentication and password management, yet often fail to implement them due to poor usability or inconvenience, says the 2020 State of Password and Authentication Security Behaviors Report by Yubico and Ponemon Institute. According to the report,IT security practitioners and individuals are both engaging in risky password and authentication practices, yet expectation and reality are often misaligned when it comes to the implementation of usable and desirable security solutions. The tools and processes that organizations put in place are not widely adopted by employees or customers, making it abundantly clear that new technologies are needed for enterprises and individuals to reach a safer future together.

Read More

Critical Gaps Remain in Defense Department Weapons System Cybersecurity

Article | March 13, 2020

While the U.S. military is the most effective fighting force in the modern era, it struggles with the cybersecurity of its most advanced weapons systems. In times of crisis and conflict, it is critical that the United States preserve its ability to defend and surge when adversaries employ cyber capabilities to attack weapons systems and functions. Today, the very thing that makes these weapons so lethal is what makes them vulnerable to cyberattacks: an interconnected system of software and networks. Continued automation and connectivity are the backbone of the Department of Defense’s warfighting capabilities, with almost every weapons system connected in some capacity. Today, these interdependent networks are directly linked to the U.S. military’s ability to carry out missions successfully, allowing it to gain informational advantage, exercise global command and control, and conduct long-range strikes. An example of such a networked system is the F-35 Joint Strike Fighter, which the Air Force chief of staff, Gen. David Goldfein, once called “a computer that happens to fly.” Underpinning this platform’s unrivaled capability is more than 8 million lines of software code.

Read More

Spotlight

RAZORTHORN

Take Total-Control of your Cyber Presence Razorthorn Ltd is a dedicated Information Security and Cyber Intelligence consultancy with an international presence that helps its clients to take an integrated approach to Information security and Cyber intelligence ensuring the main pillars of People, Process and Technology are always included in the information life-cycle. Our belief in quality and discretion drives everything, resulting in satisfied, long term clients.

Events