The Falcon's View

AUGUST 6, 2018

First and foremost, your security program must account for basic security hygiene, which creates the basis for arguing legal defensibility ; which is to say, if you're not doing the basics, then your program can be construed insufficient, exposing your organization to legal liability (a growing concern). . Risk Management. The Basics.

InfoSec 40

InfoSec Risk Architecture Security Awareness 40

SecureWorld News

OCTOBER 19, 2023

Increased risk of cyberattacks The rising cost of living can lead to an increase in cybercrime, as people become more desperate to make money. Economic effects, including inflationary pressures, have had a broad impact across the InfoSec landscape," Smeaton said. Many are facing multifaceted challenges.

Cybersecurity 78

Cybersecurity CISO Education Phishing 78

Notice Bored

AUGUST 5, 2022

Security Posture suggests a confusing mix of application and account security metrics. Generally, though, the risk management and security arrangements quietly support and enable the business from the inside, as it were, rather than being exposed externally - unless they fail anyway!

CISO 63

CISO Risk Artificial Intelligence Marketing 63

Notice Bored

MARCH 14, 2022

ISO 22301 is an excellent reference here, enabling organisations to identify, rationally evaluate and sensibly treat both high probability x low impact and low probability x high impact information risks (the orange zone on probability impact graphics), not just the obvious double-highs (the reds and flashing crimsons!).

Risk 66

Risk Information Security Surveillance Architecture 66

Herjavec Group

SEPTEMBER 23, 2021

Not using easy to decrypt passwords or the same password for multiple accounts. Start with assessing your current program capabilities and identifying your greatest risks. Fortify areas that are most at risk. Developing a cybersecurity strategy that balances risk mitigation and user experience is key.

Cybersecurity 97

Cybersecurity Penetration Testing Digital transformation Risk 97

SC Magazine

FEBRUARY 8, 2021

He referenced an insurer’s role in designing pressure relief valves for the steam engines powering Philadelphia in the 1800s: “They said if you wanted to have insurance, you have to have this piece of architecture on your system.” In so doing, “they drove security or solutions to avoid large insurance claims.”. billion in premium.

Insurance 126

Insurance Cyber Insurance Cybersecurity Government 126

Security Boulevard

OCTOBER 27, 2021

As organizations continue to gather more data than ever before, the surface area of risk, and subsequently the blast radius, will exponentially increase when an incident materializes. . A Zero Trust architecture should be at the center of every security strategy. Establish a Zero Trust Mindset. Improve Your SOC.

Ransomware 59

Ransomware Backups Mobile InfoSec 59

Security Boulevard

OCTOBER 24, 2023

An organization’s users must have trust in both the domain and the fidelity of its architecture. Whenever a user interactively authenticates to a domain controller, the accounts credential material is cached into the memory of the LSASS.exe process. Adversaries constantly seek ways to access and maintain presence in your domain.

Backups 69

Backups Passwords Authentication Accountability 69

Cisco Security

JANUARY 28, 2021

When boiled down to its essence, InfoSec is all about risk mitigation, and risk is based on probability and impact. By integrating both Cisco and third-party technologies, Cisco SecureX ensures that it will fit in with the journey and vision for your security program. How can SecureX help you?

Technology 104

Technology InfoSec Antivirus Architecture 104

Lenny Zeltser

MAY 1, 2017

We need to define and disambiguate this term before attempting to determine whether we’ve accounted for the associated threats when designing security programs. There is an increasingly-acute need for infosec designs that account for attacks that incorporate unknown, previously-unseen components. Avoid Zero-Day Confusion.

Malware 68

Malware Software Cyber Attacks InfoSec 68

Notice Bored

JUNE 23, 2022

ISO/IEC 27003 offers a page of 'guidance on formulating an information security risk treatment plan (6.1.3 Plus there's the added question of whether even fully implemented controls are in fact effectively mitigating the risks as intended: are they in use, active, working properly, generating value for the organisation and earning their keep?

Risk 63

Risk Architecture Accountability InfoSec 63

Security Boulevard

FEBRUARY 27, 2023

Our imaginary supermarket architecture consists of: A main supermarket store. So, if we apply this to our analogy, we could class this data as low risk. However, would you react the same way if a single piece of low-risk data is affected (i.e. The core of our analogy will be comparing supermarket stock to a business’s data.

InfoSec 52

InfoSec Cybersecurity Risk Technology 52

Herjavec Group

DECEMBER 15, 2021

Mitigate Vulnerability Risk. When it comes to cyber risks, the most up-to-date cybersecurity technology or regimented program doesn’t make an organization immune to an attack. Operating with a team of individuals who are cybersecurity savvy is one of the best tools for cyber risk management. Be Prepared for the Worst.

Cybersecurity 52

Cybersecurity Digital transformation Ransomware Cyber Risk 52

CyberSecurity Insiders

JUNE 16, 2023

Cloud Security is often implemented with dedicated secure access service edge (SASE) architectures, including cloud access security brokers (CASBs). However, sensitive data is transmitted freely across internal and external APIs, increasing the risk of accidental or malicious exposure of different sensitive data types.

Risk 131

Risk Firewall Data breaches InfoSec 131

eSecurity Planet

DECEMBER 19, 2023

Bottom line: Prepare now based on risk. Without guidelines, organizations risk unfettered use of AI, risks of data leaks, and no recourse for unethical AI use within the organization. Also consider learning about the top governance, risk, and compliance tools to identify the best one for you.

Cybersecurity 139

Cybersecurity CISO Government Technology 139

Thales Cloud Protection & Licensing

JANUARY 7, 2022

Many analysts think of this tech as a subdomain of Zero Trust architecture – the initial but not the only building block of the whole concept. Is it possible to build an architecture in which the same rules apply to all users, or is the emergence of privileged accounts inevitable? Context sources for ZTNA.

Architecture 71

Architecture Technology Software Marketing 71

McAfee

JULY 7, 2020

McAfee Unified Cloud is a framework for implementing a Secure Access Service Edge (SASE) architecture and a safe way to accelerate digital transformation with cloud services, enable cloud and internet access from any device, and allow ultimate workforce productivity. We have deployed the solution to 100K+ endpoint devices with minimum issues.

Digital transformation 68

Digital transformation InfoSec Architecture Marketing 68

Cisco Security

AUGUST 26, 2021

We constantly see new threats, and threat vectors, come and go; which puts a tremendous strain on the InfoSec teams that have to protect organizations and businesses from these threats. CyberArk reduces VPN risk with MFA enforcement on any VPN client that supports RADIUS; including Cisco Secure Firewall. Read more here.

Technology 113

Technology Firewall VPN Authentication 113

Security Boulevard

NOVEMBER 18, 2021

This vulnerability affects all types of API architectures, including SOAP, REST, and GraphQL. If this vulnerability were to happen on an online shopping site, attackers might be able to harvest millions of bank accounts, credit card numbers, and addresses. Let’s look at an example! How can I prevent broken object-level authorization?

Authentication 64

Authentication Accountability Passwords Engineering 64

Duo's Security Blog

APRIL 29, 2022

Defining “storytelling” in an InfoSec context Inspiration - We the People: Democratizing Security “Storytelling” is a word that you will hear frequently within Duo’s creative team — now part of a Brand & Strategy unit for Cisco’s rebranded security organization Cisco Secure. But where to begin?

Marketing 98

Marketing Architecture InfoSec Authentication 98

ForAllSecure

JULY 19, 2022

Vamos i I realized this isn't the typical InfoSec opening for The Hacker Mind but it is an important backstory for this episode's guest. We talk about how we're trying to increase their visibility of their network, we want to decrease their complexity of what they're seeing and help them manage risk. Nobody stand back.

Cybercrime 52

Cybercrime Government Ransomware Risk 52