Knowledge18 – Can You Prevent the Breach?

I had the opportunity to attend the Knowledge18 conference this past week, and from the registration to closing, I’ve never been to a show that’s had so much energy. Knowledge18 staff would start the morning with a DJ playing music and with… Continue reading Knowledge18 – Can You Prevent the Breach?

Integrity Management: What It Is and How It Can Protect Your Data

In a previous article, I noted that organizations are witnessing a surge in integrity-based attacks targeting their networks. Enterprises can defend themselves against these types of threats by turning to the National Institute of Standards and Technol… Continue reading Integrity Management: What It Is and How It Can Protect Your Data

Energy security pros worry about catastrophic failure due to cyberattacks

70 percent of energy security professionals are concerned that a successful cyberattack could cause a catastrophic failure, such as an explosion, a recent survey has shown. Of the 151 IT and operational technology (OT) security pros at energy and oil a… Continue reading Energy security pros worry about catastrophic failure due to cyberattacks

New infosec products of the week​: January 26, 2018

Empowering security teams with unlimited security data collection, indexing and search Exabeam Data Lake centralizes all relevant logs to reduce the work of collecting logs from multiple systems. It is built on open source, big data technology, providi… Continue reading New infosec products of the week​: January 26, 2018

Supercharging Cybercrime Detection with MITRE’s ATT&CK Framework

The majority of attacks that result in successful data breaches are simply not that complex. Many rely on well-known, tried-and-true methods. Indeed, the Verizon DBIR has for many years reported that upwards of 90% of attacks were successfully executed because of unpatched and known variabilities or misconfigured systems. If we can only learn a few […]… Read More

The post Supercharging Cybercrime Detection with MITRE’s ATT&CK Framework appeared first on The State of Security.

The post Supercharging Cybercrime Detection with MITRE’s ATT&CK Framework appeared first on Security Boulevard.

Continue reading Supercharging Cybercrime Detection with MITRE’s ATT&CK Framework

Should non-security functions get more involved in cybersecurity?

According to a survey conducted by Dimensional Research, 100 percent of respondents believe soft skills are important when hiring for their security teams. The three most important soft skills cited were analytical thinker (selected by 65 percent), good communicator (60 percent) and troubleshooter (59 percent). Tied for fourth place, “strong integrity and ethical behaviour” and “ability to work under pressure” were selected by 58 percent of participants. The need for soft skills has changed “The … More Continue reading Should non-security functions get more involved in cybersecurity?

Skilled security staff are hard to find, security teams need to be creative

A study conducted in July by Dimensional Research examined how organizations are addressing the cybersecurity skills gap. Study respondents included 315 IT security professionals at U.S.-based companies with more than 100 employees. According to the study, 93 percent of security professionals are concerned about the cybersecurity skills gap, and 72 percent believe it is more difficult to hire skilled security staff to defend against today’s complex cyberattacks compared to two years ago. Significantly, 81 percent … More Continue reading Skilled security staff are hard to find, security teams need to be creative

Attack types companies expect to encounter in 2017

What are the key attack types expected to cause the biggest security problems in 2017 and how successful will businesses be at defending against them? Tripwire and Dimensional Research asked 403 IT security professionals at companies with more than 1,000 employees based in the US, UK, Canada and Europe, and their answers revealed that only 3 percent of organizations have the technology and only 10 percent have the skills in place to address today’s top … More Continue reading Attack types companies expect to encounter in 2017

Healthcare IT professionals are overconfident

A Dimensional Research study evaluated the confidence of IT professionals regarding the efficacy of seven key security controls, which must be in place to quickly detect a cyber attack in progress. Study respondents included 763 IT professionals from various industries, including 101 participants from the healthcare sector. Healthcare IT professionals participating in the study were overconfident in their ability to quickly collect the data needed to identify and remediate a cyber attack. For example, while … More Continue reading Healthcare IT professionals are overconfident

Does your organization have an endpoint security strategy?

Only thirty-three percent of IT security professionals have security strategies in place to protect the growing number of endpoints on their networks, according to a recent study conducted by Dimensional Research among 500 IT security pros. Are you confident that all the devices connected to your network receive security updates in a timely fashion? Sixty percent of the respondents said they are not confident that all of the devices connected to their networks receive security … More Continue reading Does your organization have an endpoint security strategy?