An Elegant and Practical Model for Security Practitioners

Have you ever done an assessment on how secure your DNS infrastructure is? Ponemon Institute has recently completed the first DNS Security Risk Survey among global organizations to understand how secure they are when it comes to malware and data exfiltration that uses DNS. The survey also provides insights into: The level of visibility these organizations have, especially in today’s complex network deployments. Their use of threat intelligence and the effectiveness of threat intelligence. The efficiency of their security operations.

Cyber-security is an increasing challenge for the shipping industry and Nautilus is stepping in to help members by co-hosting a special training webinar for seafarers in September. With high profile ransomware attacks on shipping companies such as Maersk and COSCO, operators are under pressure to improve their cyber-security and to develop improved measures to protect their systems from attack. However, there is evidence that many companies are not doing enough to educate seafarers about the risks of cyber-attacks or how to avoid them. Research by Nautilus showed that 86% of crew had never received any cyber security training from their employers. The Union is teaming up with security experts Appsecco and their specialist maritime division ShipSecure, to hold a webinar to raise awareness of cyber security issues onboard.

If you’re keeping even half an eye on the InfoSec news cycle, you know how big of a problem phishing is. The annual Verizon data breach found again this year that phishing was the leading way for malware to enter networks, with the average company reporting that 94% of detected malware came in via email. Thirty-two percent of confirmed breaches started with phishing, again the most common tactic. It makes sense, then, that so much security awareness content out there is focused on this threat. Some vendors make their business on it almost completely, with this trend extending to the phishing simulator emerging as a key selling point for those in the security awareness business.

Join an open source security leader and a former DoD DevSecOps engineer for actionable tips on successfully aligning your leadership, culture, and process to comply with federal cybersecurity directives.