What are the signs of a breach? Are you catching them all or do you have a false sense of security (yes, pun intended) when it comes to all things cyber within your organization? Sean Martin reaches out to the community of experts to help him identify some ways to spot the signs of a breach that might not be immediately evident.
A new vulnerability was recently exposed and a proof of concept for an exploit was demonstrated alongside of it, highlighting again just how delicate the Internet really is. This time, the vulnerability impacts a protocol used across a variety of devices, taking aim at both business and end user systems—as well as data. Here’s what we know thus far.
Imagine for a moment you had a twin that you didn’t know about. A virtual copy of you that shopped where you shopped, read what you read, and was interested in exactly the same things you were. For all intents and purposes, this twin was you but with one big difference; this copy of you cared almost nothing about your privacy. Surprise! This copy of you exists and isn’t going away any time soon. So… now what? Well, for starters, you should read this Q&A between Jason Elrod and Sean Martin.
Every company uses e-mail to communicate, but few understand that this type of unstructured data needs to be protected. Considering that over 90% of attacks start with e-mail yet only 43% of IT professionals see projects involving unstructured data as a top priority, it’s not surprising that these attacks can cause significant financial damage. Here’s how companies can safeguard against this risk.
At one time or another, we’ve all connected to the Internet via public Wi-Fi – at a coffee shop, in a hotel, on a plane. The convenience is irresistible, but few people are aware that public Wi-Fi is one of the biggest risks to personal and business security because these networks are so easy to attack for hackers. Cybersecurity experts answer these questions: Are any public WiFi networks safe? What harm can be done on these public networks? And how can you protect yourself against this risk?
Between the massive amounts of data flowing through a company, the difficulty of managing its IT systems internally, relying on data synchronization and backup services, and the need to be budget conscious, much of this data may reside outside the firewall. But the use of convenient inward-out systems can put your company at risk if not managed properly.
Even with new technologies abound, we’ve come to rely on passwords as our primary means of managing access to systems, applications and data. In reality, passwords are our first—and in most cases, only—line of defense when it comes to protecting against unauthorized access, misuse and theft.
People go to work to do their job. They have meetings to attend, calls to make, tasks to complete, quotas to reach, and much more. So they can’t be bothered with worrying about information security. However, their habits – good and bad, innocent or malicious – are putting their employer’s business at risk. All it takes is one poorly made decision, or maybe even the lack of a decision in many cases, to damage or even destroy a business.
Ahhh yes, our employees. We love them dearly, but sometimes they do things that put the company at risk of a data breach or other cyber attack. I reached out to the InfoSec community to help me capture some of the more common scenarios and troubling cases where employees could cause a company harm, both unknowingly and maliciously.
It’s 2017 and we can no longer afford to ignore good cybersecurity practices. In this ITSPmagazine exclusive, we connected with top cybersecurity experts to get their recommendations on protecting business and users from malicious attacks.
Good Bots. Bad Bots. Can you tell those apart from the ‘normal’ traffic generated by the humans using your network? Sean Martin works with the team at Distil Networks to identify 10 ways to spot bad bots on your network?
If you believe the vendor hype, Artificial Intelligence is the greatest thing to ever happen to cybersecurity. Guess what? The vendors may be correct, but it’s not easy to determine what is useful technology and what is fluffy marketing.
There’s tremendous excitement about Machine Learning and its Artificial Intelligence applications for cybersecurity. There’s a lot of confusion and vendor technobabble, too, that must be sorted out.
From Big Data to Behavioral Analytics to Machine Learning, Artificial Intelligence presents a confusing landscape, in large part because the terms are vague and defined inconsistently (and vendors like it this way).
We’ve heard about cyberattacks against critical infrastructure sites and systems including dams (Bowman Avenue Dam in NY), railroads, electrical grids (Israel, US, Ukraine), and even nuclear power plants (Germany). But it doesn't stop there. And it may not even begin there.
How do you destroy 500 million trust relationships at once? Break in to Yahoo! Today the company claimed that a breach from as far back as 2014 – the result of a "state-sponsored actor" – led to the loss of "account information [that] may have included names, email addresses, telephone numbers, dates of birth, hashed passwords and, in some cases, encrypted or unencrypted security questions and answers."
When it comes to the creation of this market, it all boils down to supply and demand. Jeremiah Grossman is nudging the supply along - letting people get a taste of it - and hopefully the market will soon start demanding it. In this article, Sean Martin explores the cyber guarantee portion of the topic and the ability to create a new market from scratch.
The 8th Annual ISSA Los Angeles Information Security Summit was back at the Universal City Hilton again this year, drawing well over 700 registrants from all over Southern California, Arizona and Nevada. This post covers some of the highlights captured from this year's event.
This HITRUST conference proved highly relevant and extremely valuable to all professionals concerned with the health industry’s ongoing efforts to protect health data and other personally-identifiable information from the cyber threats targeting our businesses and institutions. Read these top 20 tips to see what the attendees heard.