Why DevSecOps remains a mirage

Despite the rhetoric around DevSecOps, security remains an afterthought when organizations are building software. Meanwhile, the latest Verizon threat report identified that web application attacks have doubled, validating that cloud-based data is unde…

Your greatest work from home lifeline is also your newest attack vector

Enterprises have been experimenting with work from home policies for years. Unfortunately, that experiment suddenly became the default this spring as local and state governments across the U.S. issued “stay at home” orders, leaving tens of millions of …

5 keys to protecting OneDrive users

With the dramatic shift toward remote workforces over the last three months, many organizations are relying more heavily on cloud tools and application suites. One of the most popular is Microsoft’s OneDrive. While OneDrive may seem like a secure cloud…

3 common misconceptions about PCI compliance

Being the PCI guy at my company carries a certain amount of burden. Not only am I responsible for all of the ongoing compliance and yearly assessments, but I also have to interpret the PCI DSS scriptures on how PCI affects products, initiatives, and pl…

UPnP vulnerability lets attackers steal data, scan internal networks

A vulnerability (CVE-2020-12695) in Universal Plug and Play (UPnP), which is implemented in billions of networked and IoT devices – personal computers, printers, mobile devices, routers, gaming consoles, Wi-Fi access points, and so on – may…

Why traditional network perimeter security no longer protects

Greek philosopher Heraclitus said that the only constant in life is change. This philosophy holds true for securing enterprise network resources. Network security has been and is constantly evolving, often spurred by watershed events such as the 2017 N…

Protecting hospitals to ensure patient safety, data confidentiality and business continuity

In this Help Net Security podcast, we’re joined by Leon Lerman, CEO of Cynerio, and Dr. John Halamka, emergency medicine physician and President of the Mayo Clinic Platform. They illustrate how insecure devices increase the cyber attack surface a…

Remote work in the time of COVID-19

The COVID-19 pandemic has, in one broad swipe, rewritten the rules regarding our workforce and jobs, with an almost instantaneous transition to remote work for those who were able to. While certain jobs require physical presence, a number of jobs fortu…

Five signs a virtual CISO makes sense for your organization

As today’s threat landscape continues to feature more sophisticated, well-funded, highly organized and increasingly complex cyber adversaries, defense and remediation strategies have become much more challenging. Protecting an enterprise and preparing …

How technology impacts building health

Employee health and safety have always been important, but the COVID-19 pandemic has made them more important than ever. Employers are concerned about the wellness of their employees, but they must now also take a closer look at the health of their bui…