best practices

Top 8 tips for implementing MFA effectively

Posted on by Admin
Top 8 tips for implementing MFA effectively

Cyber threats are becoming more frequent and sophisticated. Protecting our digital assets isn’t just a priority — it’s a necessity. And, while we are observing Cybersecurity Awareness Month, the Cybersecurity and Infrastructure Security Agency (CISA) noted companies need to “turn on multifactor authentication (MFA).” However, there needs to be a more calculated approach to doing so. MFA is a powerful tool in our cybersecurity arsenal that adds extra layers of security beyond just passwords. But,…

Read More

SaaS governance is improving, but AI presents new challenges

Posted on by Admin
SaaS governance is improving, but AI presents new challenges

Despite hitting a high in 2022, apps identified as “shadow IT” dropped from 53% to 48% in 2023. This drop signals an increase in SaaS governance actions: we’re getting better within enterprises at knowing what apps employees are using, and better at enforcing policies around SaaS use. Anecdotally, I’m seeing that the creation of SaaS governance councils is becoming the norm; businesses are responding to a need for repeatable processes that allow teams to cross-functionally…

Read More

4 steps organizations can take to get started with AI-powered SecOps

Posted on by Admin
4 steps organizations can take to get started with AI-powered SecOps

Cybersecurity is under siege. While 74% of security leaders recognize the growing threat of AI-powered cyberattacks, only 40% feel confident in their ability to defend against them. The latest AI tools are making highly personalized phishing attacks and the ability to change the signatures and hashes associated with malware files easier than before. Not to mention, methods to identify exactly when and where AI is being applied are scarce. This leaves CISOs racing against the…

Read More

Next-generation security: Blending cyber and physical strategies for optimal protection

Posted on by Admin
Next-generation security: Blending cyber and physical strategies for optimal protection

In today’s rapidly evolving technological landscape, cyber and physical security convergence has become more critical than ever. With the rise of the Internet of Things (IoT) and the Industrial Internet of Things (IIoT), organizations face unique challenges in safeguarding digital and physical assets. This article explores the concept of security convergence, real-world incidents that illustrate its importance, and best practices for integrating cyber and physical security measures. Understanding cyber and physical security convergence Cyber and…

Read More

Managing the invisible risk of non-human identities

Posted on by Admin
Managing the invisible risk of non-human identities

In the dynamic world of cybersecurity, identity and access management (IAM) is a pivotal foundation. Ensuring that only authorized individuals and systems can access company resources is imperative. Unfortunately, while many organizations excel at managing human identities, they often need to pay more attention to a growing and potentially more hazardous category of digital actors known as non-human identities (NHIs). These unseen entities, which include service accounts, APIs, bots, and more, are rapidly multiplying, leading…

Read More

Tips for recovering lost DVR or CCTV footage

Posted on by Admin
Tips for recovering lost DVR or CCTV footage

Round-the-clock surveillance footage is crucial for protecting assets, ensuring building security and investigating criminal incidents.  Most modern CCTV surveillance systems run autonomously and capture hours of footage in large repositories, but it’s important to establish contingency plans in case this data is lost, stolen or overwritten.  Even the most robust and resilient security systems can fall victim to data loss or theft, or accidentally overwrite important CCTV or DVR video footage. Considering the recent CrowdStrike-Microsoft…

Read More

The integration security paradox: Strategies to protect data

Posted on by Admin
The integration security paradox: Strategies to protect data

As the adage goes, an organization is only as secure as its weakest link. With the growing emphasis on software integration, B2B SaaS companies are adding many links to their chains, creating new access points for attackers. The Crowdstrike tech outage demonstrates just how interdependent systems are, and the SolarWinds hack in 2020 highlighted the vulnerabilities in supply chain security and the potential consequences of large-scale cyberattacks. Third-party attacks accounted for nearly 30% of all…

Read More

Reclaim the information advantage from cyber criminals

Posted on by Admin
Reclaim the information advantage from cyber criminals

Attackers have the information advantage From SOC analysts to threat actors, everyone benefits from understanding the exposures existing in an organization’s external risks. While the SOC analysts’ benefits are more … wholesome, it is often found that adversaries have a more comprehensive understanding of an organization’s vulnerabilities. Leaked credentials, exposed documents, vulnerable hosts and hard-coded secrets frequently go unnoticed by organizations for months or years. Cyber adversaries consistently demonstrate their information advantage when it comes…

Read More

AI is coming for company credentials — Here’s how to fight back

Posted on by Admin
AI is coming for company credentials — Here’s how to fight back

The GenAI explosion is something to behold, with advancements in the technology emerging on a seemingly daily basis. But the cynical security professional in me also sighs, “This is why we can’t have nice things.” Where businesses see AI as a tool for efficiency and market differentiation, cyber attackers are in mustache-twirling mode, devising new schemes to exploit undefined learning curves.  As someone who spends each workday trying to make identity and access safer amid…

Read More

New honeypot techniques for addressing targeted attacks

Posted on by Admin
New honeypot techniques for addressing targeted attacks

Automated at-scale attack campaigns now represent the vast majority of online threats, and are starting to blend together with targeted attacks. As the number of these attacks increases, so does the cyber risk for organizations.   Unfortunately, the most common approaches to defense — including vulnerability management, phishing awareness, signature-based network and endpoint detection — are neither effective nor efficient in addressing these kinds of attacks because traditional third-party threat intelligence cannot provide adequate targeted…

Read More
1 2 3 6