Marketing Is Overpromising And Under-Delivering Cybersecurity

The fear-mongering of cybersecurity is ruining the industry, as emotions are being targeted rather rationality. Fear sells, after all. Nathan Burke of Axonius discusses the current state of the InfoSec industry and what the way forward is from here.

SMBs Are Driving A New Wave of Cyber Insurance Adoption

Cyber Insurance is a rapidly growing market, and small- to medium-sized businesses are driving that growth. Ari Vared, Senior Director of Product at CyberPolicy, explains that as SMBs gather more data to leverage business decisions, they also need to be more aware of cyber risks and be prepared for an incident.

What If We Are Protecting The Wrong Things?

Too often, companies' security strategies revolve around minimizing reputational damage and achieving compliance. Javvad Malik, an award-winning information security consultant and security advocate at AlienVault, suggests that businesses need to take a more granular approach to focus on protecting employee and customer data instead.

The Benefit of a Software-Defined Perimeter

This article introduces the concept of a Software Defined Perimeter (SDP) as a progressive security model. Don Boxley, co-founder and CEO of DH2i, explains how an SDP overcomes today’s most prevalent data security challenges – especially as cloud adoption continues to soar – while presenting numerous, previously unattainable benefits.

How Secure Is Your Social Login?

To address the rising tide of data breaches, social network providers have enhanced their built-in security and have focused primarily on improving multi-factor authentication processes. To better understand what varying platforms offer, Ehud Amiri, senior director for product management at OneLogin, looks at how the leading social media sites are protecting their users.

Maybe Your Refrigerator Should Not Be Trusted with an IP

Despite the common belief that mainframes are secure fortresses of data, it's much easier than businesses might think to access the mainframe by hacking an employee's mobile phone or other connected smart device. Ray Overby, President of Key Resources, Inc., lays out two new ways that cybercriminals can get into corporate networks through a personal IoT device.

Understanding The Internet of Things (IoT) Security Risks

Until manufacturers of IoT devices incorporate strong security into their products, the only reliable way to keep devices from compromising an enterprise is to use network topology to prevent attackers from interacting with such devices. Dr. Srinivas Mukkamala, co-founder and CEO of RiskSense, looks at the top IoT security risks facing enterprises.

BYOD for Business Is on the Rise

As more people bring their own devices to work (BYOD), companies embracing blockchain can ensure that the infrastructure is secure and their employees are accommodated. Alistair Johnson, founder & CEO of Nuggets, explains how this new technology accommodates a fresh understanding of work and the technological peculiarities that come with it. 

Gamification: The ‘Secret Sauce’ For Your Software Security Program

With security often seen as an obstacle in the path of innovation, adhering to project delivery deadlines and staying agile, it can be something of a dirty word in the software industry. Pieter Danhieux, CEO of Secure Code Warrior, explains how to engage developers to code securely, bridge the gap between the development and security functions of the business, and strive for a higher build standard of software.

Developing a Framework and Methodology for Assessing Cyber Risk

ITSPmagazine co-founder Sean Martin interviews Howard Miller, co-author of “Developing a Framework and Methodology for Assessing Cyber Risk for Business Leaders“ (Journal of Applied Business and Economics, volume 20 (3), 2018), about the background of and vision related to this research article, how it applies to companies, boards and CEOs, risk management systems, and the ongoing development with Pepperdine CyRP.

Cyber Hygiene and Digital Resilience to Withstand a Cyber Attack

In the past, nation states such as North Korea and China had a very limited ability to respond to the U.S.’ military attacks or sanctions. But in today’s digital world, these countries use cyber-attacks to deter a sanction or get retribution. Wayne Lloyd, Federal CTO of RedSeal, provides a list of actions organizations can take to ensure good cyber hygiene and digital resilience to withstand a cyber event and/or recover quickly.

Can SMBs Do Something to Prevent Ransomware? (Yes!) - Part 2

Last year Locky, NotPetya and WannaCry ransomware savaged Internet users, with billions of dollars lost, data destroyed, worldwide shipping disrupted, and reputations damaged. Even though they are the most hacked businesses on the Internet, many SMBs do not have proper cybersecurity protections in place. In part 2 of this two-part series, Dave Moore, founder of Internet Safety Group, walks the reader through a well-crafted response plan and reviews of the top backup programs.

3 Strategies for Overcoming Security Burnout

With the problematic talent shortage in security, organizations are consistently operating understaffed and team members are forced to pick up the slack, which results in job fatigue and stress. Eric Sheridan, Chief Scientist at WhiteHat Security, offers three strategies for overcoming security burnout.

Can SMBs Do Something to Prevent Ransomware? (Yes!) - Part 1

Last year Locky, NotPetya and WannaCry ransomware savaged Internet users, with billions of dollars lost, data destroyed, worldwide shipping disrupted, and reputations damaged. Even though they are the most hacked businesses on the Internet, many SMBs do not have proper cybersecurity protections in place. In part 1 of this two-part series, Dave Moore, founder of Internet Safety Group, explains why and how SMBs need to make Internet safety training a top priority.

Productivity or Cybersecurity? Now You Can Have Both

When it comes to protecting end-user devices, many enterprises see two choices: either lock down devices and limit what users can access, or prioritize productivity and take some chances with security. Tal Zamir shows why this either/or proposition is untenable for CISOs, IT and end-users, and how a new software-defined endpoint approach is enabling enterprises to deliver completely secure and totally unrestricted user experience.

The Impact Of The GDPR On Employees: The Payroll Process

With the GDPR now in effect, businesses across Europe are adjusting to a new regulatory environment. David McLeod of activpayroll examines the GDPR's impact on the payroll landscape, and how employers might boost their compliance performance.

Employees Need Trust, Not Toys

When Remotive.io founder Rodolphe Dutel tweeted “Tech companies must offer trust, not toys, to attract and retain talent,” it went viral. Rather than offering toys – ping pong tables, beer fridges, etc. – to lure in more candidates, Rodolphe outlines what organizations should offer instead to attract the best talent, and why.

Building Cybersecure Culture through an Age-Old Technique: Apprenticeships

With an alarming talent gap in the industry, cybersecurity can no longer be thought of as a technical problem with a technical solution; it must be treated as a critical business concern. Charles Eaton of CompTIA discusses how apprenticeships can supply companies with a more predictable, sustainable pipeline of applicants, while providing new cybersecurity workers with necessary experience, education and mentorship.

6 Reasons Why SIEMs Aren’t a Security Analytics Tool

Given all the vendor- and analyst-speak in the security space, it’s become difficult for organizations to know the difference between Security Information and Event Management (SIEM) and security analytics. Here are 6 ways to tell a SIEM from a security analytics product.

Learn About Cryptomining – The Latest Most Popular Cyberattack

Criminal cryptomining has replaced ransomware as the leading type of cyber attack in 2018. While not all cryptomining is criminal in nature, this new type of cyber attack has gained momentum and popularity as a result of its success. Lastline’s director of threat intelligence, Andy Norton, explains the popular criminal techniques used to mine cryptocurrencies — and what lies ahead for cryptomining.