Architecture, Cyber Risk and Engineering

News alert: Diversified, GroCyber form partnership to deliver media-centric cybersecurity solutions

The Last Watchdog

FEBRUARY 8, 2024

•Cyber hygiene and monitoring.This new Diversified managed service monitors the hardware and software at a business to ensure it has the latest security patches, configuration and access control – minimizing the enterprise’s cyber risk exposure. Vulnerability management.

Media

Media Cybersecurity Penetration Testing Cyber Risk

North Korean Hackers Intensify Cyberattacks on South's Arms Industry

SecureWorld News

APRIL 25, 2024

"Heavily armored and weaponized nation-state threats are difficult to stop compared to lesser threats of opportunistic eCrime or more immature threats," says Ken Dunham, Cyber Threat Director at Qualys Threat Research Unit. "A currently Hanwha Ocean Co.

Manufacturing

Manufacturing Technology Cyber Risk Risk

LW ROUNDTABLE: Cybersecurity takeaways of 2023 — and what’s ahead in 2024 ( part 3)

The Last Watchdog

DECEMBER 14, 2023

Last Watchdog posed two questions: •What should be my biggest takeaway from 2023, with respect to mitigating cyber risks at my organization? Wayne Schepens , Chief Cyber Market Analyst, CyberRisk Alliance Schepens The weakest link is still humans; attacks caused by social engineering remain a critical risk for all organizations.

Cybersecurity

Cybersecurity Marketing Encryption CISO

Webinars

Human-Centered Cyber Security Training: Driving Real Impact on Security Culture

MORE WEBINARS

SPOTLIGHT: Women in Cybersecurity

McAfee

NOVEMBER 3, 2020

Her work centered on helping aerospace manufacturers manage the convergence of cyber risk across their increasingly complex business ecosystem, including IT, OT and connected products. Director/CISO of IT Risk Management at Ulta Beauty located in Bolingbrook, IL. Director of Cyber Risk & Security Services.

Cybersecurity

Cybersecurity Architecture Cloud Migration Retail

When It comes to Cybersecurity – An ounce of prevention

CyberSecurity Insiders

JANUARY 18, 2022

Social engineering. Social engineering is the most prevalent way threat actors find their way into your environment. Network design and architecture. More complex architectures may be needed depending on the industry or the data. In others, it is a lack of budgetary foresight creating cyber risk.

Cybersecurity

Cybersecurity Backups Social Engineering Architecture

The Evolution of SIEM: Where It’s Been and Where It is Going

CyberSecurity Insiders

NOVEMBER 7, 2022

The most prevalent first- and second-generation SIEMs also came with very basic correlation engines, the best they knew how to do at that time. Splunk was founded in 2003 as essentially the first-ever flexible and powerful store and search engine for big data. They were also used for data retention and compliance.

Marketing

Marketing Unstructured Data Cyber Risk Technology

MY TAKE: Why companies had better start taking the security pitfalls of API proliferation seriously

The Last Watchdog

JANUARY 4, 2022

That said, APIs are certain to get a lot more attention by security teams — and board members concerned about cyber risk mitigation — in 2022. Legacy security architectures just don’t fit this massively complex, highly dynamic environment. Related: ‘SASE’ framework extends security to the network edge.

Digital transformation

Digital transformation Hacking Architecture Cyber Risk

Seven Massachusetts Cities Join Forces to Bolster Cybersecurity Posture

SecureWorld News

MAY 16, 2023

Botts has a different, and cautious, view on the North Shore IT Collaborative, saying: " I hate to throw cold water, but unless these towns build in a security architecture to go with the connectivity, all they will do is give a potential attacker access to more attack surfaces and an ability to propagate malware through a larger network.

Cybersecurity

Cybersecurity Insurance Cyber Risk CISO

Arctic Wolf Appoints Dan Schiappa as Chief Product Officer

CyberSecurity Insiders

JANUARY 10, 2022

He will be responsible for driving innovation across product, engineering, and business development teams to help meet demand for security operations through Arctic Wolf’s growing customer base—especially in the enterprise sector. Built on an open XDR architecture, the platform has scaled to ingest, parse, enrich, and analyze over 1.6

Cyber Risk

Cyber Risk Threat Detection Mobile Technology

Safety first: Will insurance companies stall or accelerate cybersecurity progress?

SC Magazine

FEBRUARY 8, 2021

. “I believe this to be the next tectonic shift,” said Bryan Hurd, vice president at Aon Cyber Solutions. He referenced an insurer’s role in designing pressure relief valves for the steam engines powering Philadelphia in the 1800s: “They said if you wanted to have insurance, you have to have this piece of architecture on your system.”

Insurance

Insurance Cyber Insurance Cybersecurity Government

A Guide to Key Management as a Service

Thales Cloud Protection & Licensing

JUNE 15, 2023

DevOps engineers: KMaaS can benefit developers by providing a simple and secure way to integrate encryption into their applications. Reduce business threats Key Management as a Service can help organizations reduce cyber risks and address various threats to business and data security.

Encryption

Encryption Data breaches Authentication Risk

Meet the 2021 SC Awards judges

SC Magazine

MAY 1, 2021

Below is our esteemed panel of SC Awards judges, contributing from health care, engineering, finance, education, manufacturing, nonprofit and consulting, among others. Since founding Cedric Leighton Associates, he has become an internationally known strategic risk expert. Click here to see the full list of 2021 SC Award finalists.

Computers and Electronics

Computers and Electronics Technology Education Information Security

What is WAAP? – A Quick Walk Through

CyberSecurity Insiders

JUNE 15, 2022

Now, old monolith apps are being broken into microservices developed in elastic and flexible service-mesh architecture. Protecting APIs against modern cyber threats requires going beyond the traditional solutions. Many of the businesses that already have revenue-generating web applications are starting an API-first program.

Firewall

Firewall DDOS Authentication Threat Detection

Cyber CEO: A Look Back at Cybersecurity in 2021

Herjavec Group

DECEMBER 15, 2021

Threat actors have developed social engineering approaches that leverage the uncertainty and chaos of the pandemic in order to deliver their malicious software. When it comes to cyber risks, the most up-to-date cybersecurity technology or regimented program doesn’t make an organization immune to an attack.

Cybersecurity

Cybersecurity Digital transformation Ransomware Cyber Risk

LW ROUNDTABLE: Cybersecurity takeaways of 2023 — and what’s ahead in 2024 ( part 1)

The Last Watchdog

DECEMBER 12, 2023

Related: Adopting an assume-breach mindset With that in mind, Last Watchdog invited the cybersecurity experts we’ve worked with this past year for their perspectives on two questions that all company leaders should have top of mind: •What should be my biggest takeaway from 2023, with respect to mitigating cyber risks at my organization?

Cybersecurity

Cybersecurity Social Engineering Cyber threats Software

9 Best Secure Web Gateway Vendors for 2022

eSecurity Planet

DECEMBER 15, 2021

As end users represent the biggest cyber risk to enterprises, secure web gateways are an important cornerstone of IT security, along with employee cybersecurity training and secure email gateways. It unites spyware, malware, and virus protection with a policy and reporting engine. Agent-based, proxy-free architecture.

Digital transformation

Digital transformation Engineering Internet Internet

Strong medical device security awareness stifled by inventory, knowledge gaps

SC Magazine

JULY 1, 2021

For example, reverse engineering malware requires an entirely different skillset than leveraging security to enable business operations, he explained. It allows you to understand the purpose of building a security architecture and the tasks become more manageable.”.

Security Awareness

Security Awareness IoT Risk Healthcare

Google Team Drives: 10 Benefits Every Enterprise Must Know

Spinone

JANUARY 14, 2019

Innovation is in Google’s DNA, and by being focused on core business processes, the company has put over a thousand hours of the user experience research engineers into this. Imagine that there are nearly 800 million monthly active users of Drive with trillions of files stored on Google Drive, representing enterprises’ knowledge.

Backups

Backups Technology Cloud Migration Engineering

GUEST ESSAY: A call for immediate, collective action to stem attacks on industrial control systems

The Last Watchdog

AUGUST 30, 2018

In the year since this attack, the industry has taken a step forward in cyber preparedness. We see plant asset owners addressing cyber risks with more vigilance, and vendors hardening their solutions with cybersecurity built directly into the product offer. These are important and positive steps. The role of standards.

Manufacturing

Manufacturing Cyber Risk Risk Cyber Attacks

High rates of known, exploitable vulnerabilities still found in the wild, report reveals

IT Security Guru

MARCH 11, 2022

” Irfahn Khimji, Chief Systems Engineer at Tripwire : “The longer a vulnerability is in the wild, the more time an attacker has to prepare an exploit. The quicker an organization can remediate vulnerabilities, the better protected they are.

Risk

Risk Software Cyber Risk Architecture

It’s About Time: Cybersecurity Insights, Visibility, and Prioritization

McAfee

OCTOBER 24, 2019

The findings of an ESG paper commissioned by McAfee concurred: “Organizations want more visibility into cyber-risks so they can tailor and prioritize their threat response and risk remediation actions in alignment with threats that may hit them,” said Jon Oltsik, ESG fellow. The threats that are engineered to target you.

Cybersecurity

Cybersecurity Artificial Intelligence Architecture Cyber threats

WEF Outlines Path to Cyber Resilience for Manufacturing Sector

SecureWorld News

MAY 29, 2024

Protecting manufacturing operations requires a shared responsibility model, which includes local plant leadership, manufacturing engineering and operations, and information technology and security teams. Leighton: "It's becoming more and more evident that cybersecurity professionals need to be trained in cyber intelligence trade craft.

Manufacturing

Manufacturing CISO Artificial Intelligence Cyber threats

What Is a SaaS Security Checklist? Tips & Free Template

eSecurity Planet

APRIL 9, 2024

Security infrastructure and redundancy: Check the vendor’s data centers, network architecture, backup and disaster recovery plans, and uptime assurances. Social engineering, for example, is a threat that makes use of human vulnerabilities for illegal access. Internal actors also play a substantial role in cybersecurity breaches.

Risk

Risk Threat Detection Data breaches Encryption

The Surge of Double Extortion Ransomware Attacks

Pen Test

OCTOBER 10, 2023

Implement strong network segmentation, zero trust architecture, least privilege access controls, and VPNs to strictly limit lateral movement. Provide cybersecurity awareness training to all personnel, enabling them to identify social engineering attacks and risky behavior.

Ransomware

Ransomware Backups Insurance Cyber Insurance

Group-IB uncovers PerSwaysion – sophisticated phishing campaign targeting executives worldwide

Security Affairs

APRIL 30, 2020

The threat actors leverage perfectly orchestrated social engineering technique by “persuading” people holding significant corporate positions to open a non-malicious PDF email attachment coming from an authentic address in their contacts.

Phishing

Phishing Accountability Financial Services Cloud Migration

Key Insights on Cybersecurity Risks for CEOs and Management Teams

Spinone

NOVEMBER 19, 2018

Let’s take a look at key insights on cybersecurity risks for CEOs and management teams. Understanding Cyber Risk Management Even if a CEO does not have a background in IT or experience with IT infrastructure in general, they must be aware of the risk and impact of cybersecurity or lack thereof on their business.

Risk

Risk Cybersecurity Technology Cyber Risk

34 Most Common Types of Network Security Protections

eSecurity Planet

MARCH 17, 2023

Examples of threatening traffic that IDPS solutions can combat include network intrusions, DDoS attacks, malware, and socially engineered attacks. With microsegmentation, the most sensitive parts of a network are roped off with stricter policies, often with zero-trust architecture and identity and access management protections in place.

Network Security

Network Security Penetration Testing Firewall Antivirus

Top 5 Cyber Predictions for 2024: A CISO Perspective

Security Boulevard

JANUARY 2, 2024

This past year set a profound stage, from the advent of stringent cyber regulations to the convergence of generative AI, social engineering, and ransomware. Last year, we witnessed the fast-evolving nature of social engineering attacks, and this evolution poses greater challenges for detection and defense.

CISO

CISO Social Engineering Architecture Ransomware

Key Cybersecurity Trends for 2024: My Predictions

Jane Frankland

DECEMBER 7, 2023

It’s where attackers work search engine rankings or paid social media content by employing deceptive techniques such as keyword stuffing, hidden text, link farms, or other unethical practices to drive traffic to their websites and gain undeserved visibility in search engine results.

Cybersecurity

Cybersecurity Cyber threats Insurance Artificial Intelligence

Will $1.9 Billion of Government Funding for Cybersecurity Help Protect the Nation’s Infrastructure?

CyberSecurity Insiders

FEBRUARY 16, 2022

But it’s not just ransomware that’s posing a threat; social engineering attacks climbed 270% in 2021 , driven by the widespread adoption of cloud-based apps and browsers, and 86% of organizations had had at least one employee connect unwittingly to a phishing site in 2021.

Government

Government Cybersecurity Cybercrime Technology

MY TAKE: GraphQL APIs rev up innovation – but also introduce a potential security nightmare

The Last Watchdog

APRIL 19, 2021

Ideally, businesses would fully understand the cyber risks posed by APIs and thoughtfully account for them. Into this milieu, engineers at Facebook contributed GraphQL, a new data query language for APIs and a cyber risk wild card. But things are far from ideal. Facebook’s choke point.

Digital transformation

Digital transformation Mobile Cyber Risk Internet

SOCwise: A Security Operation Center (SOC) Resource to Bookmark

McAfee

NOVEMBER 12, 2020

Core to any organization is managing cyber risk with a security operations function whether it be in-house or outsourced. McAfee has been and continues their commitment to protecting cyber assets. From Ismael Valenzuela , Senior Principal Engineer, McAfee.

Engineering

Engineering Risk Data collection Cyber Risk

Cyber Security Informer

News alert: Diversified, GroCyber form partnership to deliver media-centric cybersecurity solutions

North Korean Hackers Intensify Cyberattacks on South's Arms Industry

Webinars

Trending Sources

LW ROUNDTABLE: Cybersecurity takeaways of 2023 — and what’s ahead in 2024 ( part 3)

Webinars

SPOTLIGHT: Women in Cybersecurity

When It comes to Cybersecurity – An ounce of prevention

The Evolution of SIEM: Where It’s Been and Where It is Going

MY TAKE: Why companies had better start taking the security pitfalls of API proliferation seriously

Seven Massachusetts Cities Join Forces to Bolster Cybersecurity Posture

Arctic Wolf Appoints Dan Schiappa as Chief Product Officer

Safety first: Will insurance companies stall or accelerate cybersecurity progress?

A Guide to Key Management as a Service

Meet the 2021 SC Awards judges

What is WAAP? – A Quick Walk Through

Cyber CEO: A Look Back at Cybersecurity in 2021

LW ROUNDTABLE: Cybersecurity takeaways of 2023 — and what’s ahead in 2024 ( part 1)

9 Best Secure Web Gateway Vendors for 2022

Strong medical device security awareness stifled by inventory, knowledge gaps

Google Team Drives: 10 Benefits Every Enterprise Must Know

GUEST ESSAY: A call for immediate, collective action to stem attacks on industrial control systems

High rates of known, exploitable vulnerabilities still found in the wild, report reveals

It’s About Time: Cybersecurity Insights, Visibility, and Prioritization

WEF Outlines Path to Cyber Resilience for Manufacturing Sector

What Is a SaaS Security Checklist? Tips & Free Template

The Surge of Double Extortion Ransomware Attacks

Group-IB uncovers PerSwaysion – sophisticated phishing campaign targeting executives worldwide

Key Insights on Cybersecurity Risks for CEOs and Management Teams

34 Most Common Types of Network Security Protections

Top 5 Cyber Predictions for 2024: A CISO Perspective

Key Cybersecurity Trends for 2024: My Predictions

Will $1.9 Billion of Government Funding for Cybersecurity Help Protect the Nation’s Infrastructure?

MY TAKE: GraphQL APIs rev up innovation – but also introduce a potential security nightmare

SOCwise: A Security Operation Center (SOC) Resource to Bookmark

Stay Connected