Collaborate Disseminate
In its 2019 market guide for managed detection and response (MDR) services, Gartner forecasted that by 2024, 25% of organizations will be using MDR services, up from less than 5% today. While the percentage might not end up as high as that, there’… Continue reading Sophos Managed Threat Response: An evolved approach to proactive security protection
There is an uncomfortable truth that many organizations are not conducting comprehensive assessments of their information security risk; or those that do aren’t getting much value out of assessment exercises — because they simply don’t know how. Given … Continue reading Assessing risk: Measuring the health of your infosec environment
Cloud data breaches are on the rise, demonstrating time and again the need for a different approach and strategy when it comes to managing and monitoring privileged access to cloud ecosystems. Privilege access management (PAM) should: Be risk-aware and… Continue reading Managing and monitoring privileged access to cloud ecosystems
There is a war hitting small-town America. Hackers are not only on our shores, but they’re in our water districts, in our regional hospitals, and in our 911 emergency systems. The target du jour of ransomware hackers is small towns and they have gone a… Continue reading Ransomware attacks against small towns require collective defense
The verdict is in: quantum computing poses an existential threat to asymmetric cryptography algorithms like RSA and ECC that underpin practically all current Internet security. This comes straight from the National Academy of Science’s Committee on Tec… Continue reading How long before quantum computers break encryption?
As a security executive, you have a curious gig. On one hand, you’re responsible for securing your organization across multiple systems, networks, clouds, and geographies. On the other, your team owns none of those things. Organizing resources in a way… Continue reading How to start achieving visibility in the cloud
Former national security advisor John Bolton’s elimination of the cybersecurity coordinator role in May 2018 came as a surprise to many in the cybersecurity industry, especially security professionals that are tasked with securing federal networks, pro… Continue reading Should the National Security Council restore the cybersecurity coordinator role?
More than 99 percent of cyberattacks rely on human interaction to work, Proofpoint recently shared. More often than not, the principal attack method is phishing emails. When hitting enterprises, attackers love to impersonate Microsoft the most, as Offi… Continue reading How can we thwart email-based social engineering attacks?
A recent discovery by vpnMentor revealed a worst case scenario for biometrics: a large cache of biometric data being exposed to the rest of the world. In this case web-based biometric security smart lock platform, BioStar 2, was breached. This breach s… Continue reading Tackling biometric breaches, the decentralized dilemma
An anonymous bug hunter has released a working and elegantly simple exploit for a pre-authentication remote code execution flaw (CVE-2019-16759) affecting vBulletin and it didn’t take long for attackers to start using it. About vBulletin vBulleti… Continue reading vBulletin zero-day exploited in the wild in wake of exploit release