99% of successful attacks involve vulnerabilities that have been known to cybersecurity professionals for at least one year. Nollaig Heffernan describes the issues that exist today with applying software patches, primarily at the application layer, and advises on how to manage the patching effort and where priorities should lie for organizations.
We kicked off 2017 with a lot of excitement around a nasty set of SMB vulnerabilities which led to the devastatingly successful WannaCry and NotPetya attacks, and 2018 started off with a similar level of excitement concerning the Spectre and Meltdown vulnerabilities. Ivanti’s Chris Goettl discusses which trends have surfaced and what to watch for during the rest of the year.
It is every parent’s nightmare: their child is being bullied. Except it’s even more insidious if the bullying is happening online where it’s hard to see and even harder to stop. How can you prevent, spot and address cyberbullying, how can you get your child to talk about what might be happening to them, and how can you help them overcome it? Here are a few tips to get you started.
According to a new report from Kaspersky Lab, in only a year's time, the number of Internet users who have fallen victim to ransomware or malicious crypto miners has skyrocketed from 1.87 million (2016) to 2.7 million (2017). InfoSec and cybersecurity writer Kacy Zurkus gives us a brief journey of the rise and fall of ransomware and malicious miners.
How can companies be better at training employees to prevent phishing and improve security? Inky founder Dave Baggett provides a quick history of antivirus software, how antivirus worked then and now, and the flaws in security software.
The most effective first level of physical defense in your network architecture’s security infrastructure is the firewall. Yoram Ehrlich, VP Products at Niagara Networks, explains how there is now a clear shift toward next-generation firewall (NGFW) technology incorporating advanced know-how.
What are the signs of a breach? Are you catching them all or do you have a false sense of security (yes, pun intended) when it comes to all things cyber within your organization? Sean Martin reaches out to the community of experts to help him identify some ways to spot the signs of a breach that might not be immediately evident.
The #CyberAvengers, a group of salty and experienced professionals, offers a few quick tips that set up a cybersecurity early warning system, giving you a chance to make sure your “cyber fire” does not get out of control.
How can cybersecurity managers effectively identify strategic gaps when 90% of managers have never had strategic management training? Organizations that equip their cyber leaders with the knowledge to think and act strategically improve their chances for long-term success.
Attackers have shown their cards and the mid-market represents an extremely valuable alternative to the well-defended enterprise. Coronet founder and CISO Dror Liwer reviews the threat landscape and explains why it’s time for the mid-market to take cybersecurity as seriously as the enterprise, even as financial and operational constraints remain.
The power of the digital workplace comes with an exponential increase in human interaction, as well as an inherent catalyst for risk creation. As collaboration platforms continue to gain traction, the concern for insider threats grows. Greg Moran, Chief Operating Officer at Wiretap, offers his perspective and insight on Wiretap’s just-released Human Behavior Risk Analysis Report.
Recently, the South Korean cryptocurrency exchange Coinrail announced a hacking attempt on its website; the exchange is now offline. Schellman principal Doug Barbin explores the question: “Why would the alleged hack of an exchange site that no one knows anything about indicate that there is any sort of fundamental problem with the currency?”
The recent cyberattack on the MyHeritage DNA and genealogy testing company compromised about 92 million user accounts. CipherCloud's Pravin Kothari discusses the rise in consumer DNA testing, the risks of this data being used for exploitation or harm, and the protection that consumers should demand of their most valuable personal information.
Organizations of all sizes are vulnerable to cybersecurity threats, and they need to be able to detect indicators of compromise in order to address risks and respond to attacks. Integrating SIEM and SOAR combines the power of each to create a more robust, efficient and responsive security program – which ultimately allows security teams to avoid alert fatigue.
With the GDPR having begun its reign as the most comprehensive digital privacy legislation that the world has ever seen, we’ve officially entered a new era of data privacy rights and regulations. But it’s also a compliance burden to many businesses. Here are the four biggest rewards that businesses can reap by complying with privacy regulations like the GDPR – even if they don’t need to.
Quantum computers use a new unit of measurement, a single atom known as a qubit that greatly increases the computational power of a system, and this system will be more powerful than anything we’ve seen in history. In fact, quantum computing could render most modern security protocols obsolete within a few years.
Athletes, fans and the media are getting ready for first kick-off at this year’s FIFA World Cup at Spartak Stadium in Russia. But they are not the only ones. So are cyber criminals looking to hack into the mobile phones of billions of FIFA fans.
Today’s CISOs have one thing in common: the pressing need for funding to keep their security programs vital. Worldwide IT security spending jumped nearly 8 percent in the past year to top $90 billion, and it’s forecast to climb above $113 billion by 2020, but despite these numbers, executive decision-makers now want InfoSec costs inexorably linked to business value and return on investment.
In the new, hybrid world of IT — often described as borderless — traditional approaches to security have become inadequate. This article examines the new risks introduced by hybrid IT computing, the challenges these pose, and best practices for addressing them.
With 281 billion emails sent every day, it’s no surprise that 91 percent of all cyberattacks and 98 percent of social engineering campaigns begin with email phishing scams. Vaporstream CEO Dr. Galina Datskovsky explains why EFAIL proves that it’s time to stop relying on email and instead embrace a more secure messaging solution.