best practices

Reclaim the information advantage from cyber criminals

Posted on by Admin
Reclaim the information advantage from cyber criminals

Attackers have the information advantage From SOC analysts to threat actors, everyone benefits from understanding the exposures existing in an organization’s external risks. While the SOC analysts’ benefits are more … wholesome, it is often found that adversaries have a more comprehensive understanding of an organization’s vulnerabilities. Leaked credentials, exposed documents, vulnerable hosts and hard-coded secrets frequently go unnoticed by organizations for months or years. Cyber adversaries consistently demonstrate their information advantage when it comes…

Read More

AI is coming for company credentials — Here’s how to fight back

Posted on by Admin
AI is coming for company credentials — Here’s how to fight back

The GenAI explosion is something to behold, with advancements in the technology emerging on a seemingly daily basis. But the cynical security professional in me also sighs, “This is why we can’t have nice things.” Where businesses see AI as a tool for efficiency and market differentiation, cyber attackers are in mustache-twirling mode, devising new schemes to exploit undefined learning curves.  As someone who spends each workday trying to make identity and access safer amid…

Read More

New honeypot techniques for addressing targeted attacks

Posted on by Admin
New honeypot techniques for addressing targeted attacks

Automated at-scale attack campaigns now represent the vast majority of online threats, and are starting to blend together with targeted attacks. As the number of these attacks increases, so does the cyber risk for organizations.   Unfortunately, the most common approaches to defense — including vulnerability management, phishing awareness, signature-based network and endpoint detection — are neither effective nor efficient in addressing these kinds of attacks because traditional third-party threat intelligence cannot provide adequate targeted…

Read More

Summer travel plans? Don’t get scammed while you’re away

Posted on by Admin
Summer travel plans? Don’t get scammed while you’re away

Your itinerary is set.  Your luggage is packed.  You’ve even scheduled the Uber pickup for the morning trip to the airport. It seems as if nothing now stands in the way between you and clicking that glorious out-of-office button. However, if you work in IT or security, your pre-summer vacation checklist must go beyond the items you’ll pack inside a suitcase. How will you maintain the organization’s cyber security posture when you’re away from the…

Read More

The journey toward secure software development lifecycles

Posted on by Admin
The journey toward secure software development lifecycles

The digital transformation race is on, and companies are churning out applications at an ever-increasing pace. Unfortunately, this speed often comes at the cost of security. A recent study revealed a shocking statistic: 92% of companies experienced a breach due to vulnerabilities in their own internally developed applications. A different approach is clearly needed. The solution might be found in the security philosophy known as “shift-left,” which essentially promotes the integration of security practices earlier…

Read More

Locking out ransomware: A new way to look at security strategy

Posted on by Admin
Locking out ransomware: A new way to look at security strategy

Ransomware attacks are accelerating at a record pace, becoming dramatically more frequent and more sophisticated. In fact, nearly 60% of companies experienced ransomware events in the last year, forcing desperate businesses to cough up a staggering $1 billion in ransom payments. That’s up from the $220 million that was paid to bad actors in 2019. Change Healthcare is just one recent example. The company was hit with one of the largest ransomware attacks within healthcare,…

Read More

Absolutely the most important list you will ever read!

Posted on by Admin
Absolutely the most important list you will ever read!

Say this, not that. Read that, not this. Do this, not that. You too can become a great leader if you simply follow the exhortations of leadership lists that can be found all over the Internet.  Which phrases should good leaders never say? Dozens of articles purport to document the five, eight, 12, or 17 no-nos. Conversely, great leaders may exhibit their very greatness by injecting key incantations in their communications with staff. The Internet is rife…

Read More

Weapons detection in healthcare: A snapshot and guide

Posted on by Admin
Weapons detection in healthcare: A snapshot and guide

A woman carrying a Louis Vuitton purse and Macy’s shopping bag hurries through the front doors of a hospital in Washington, DC, and immediately eyes a recently installed weapons detection system (WDS) portal. Perhaps experienced with such fixtures at airports, she steps aside to allow others passage, then begins the ritual unburdening of bags, phones, keys, rings, pocket change, and other items that could possibly trigger an alert. A hospital security officer quickly intervenes and…

Read More

Top 5 things CISOs should know to protect their business

Posted on by Admin
Top 5 things CISOs should know to protect their business

For businesses of every size and level of maturity, a strong cybersecurity strategy is crucial to protecting sensitive data and other digital assets. The right security measures are key to building resilience against increasingly sophisticated cyber threats in an interconnected world but must also be optimized for a company’s business. There is no one best practice that is applicable to every company. The focus on cybersecurity will continue to sharpen, and companies will rely more…

Read More

To pay or not to pay? Negotiating in the age of ransomware

Posted on by Admin
To pay or not to pay? Negotiating in the age of ransomware

In 2023, more than 2,200 networks across United States hospitals, schools and government organizations, as well as thousands of private businesses, were breached by cybercriminals. With another record-breaking year for ransomware and data extortion in the rearview mirror, organizations of all sizes are preparing for when they’ll need to make their big payout in 2024. But what if paying the ransom wasn’t the only way out?  There’s often room to negotiate with threat actors or,…

Read More
1 2 3 4 6