Blog - Cyber Security Informer

What Is Data Auditing? Why You Need It & How to Conduct It

Digital Guardian

MARCH 11, 2024

Data auditing is the process of conducting a thorough review and analysis of a company's data to ensure its accuracy, consistency, and security. Learn more about why your organization needs to carry out data auditing in today's blog.

SHARED INTEL Q&A: My thoughts and opinions about cyber threats — as discussed with OneRep

The Last Watchdog

OCTOBER 5, 2023

Here is Erin’s Q&A column, which originally went live on OneRep’s well-done blog.) For the first expert interview on our blog, we welcomed Pulitzer-winning investigative reporter Byron V. How did you first get interested in cybersecurity as a career? What drew you to this field?

Cyber threats

Cyber threats Cyber Insurance Cybersecurity Threat Detection

The 5 C’s of Audit Reporting

Centraleyes

MARCH 12, 2024

What is a Security Audit? At its core, an audit systematically examines an organization’s processes, controls, and practices. In cybersecurity, audit management involves assessing the effectiveness of security measures, identifying vulnerabilities, and ensuring compliance with industry standards and regulations.

Risk

Risk Cybersecurity Government Firewall

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

A Full Guide to Achieving SOC 2 Certification for Startups

Centraleyes

NOVEMBER 16, 2023

Navigating the SOC 2 Audit Welcome to SOC 2 compliance , a crucial certification for safeguarding data security and trustworthiness in today’s digital landscape. It’s not just about SOC 2 compliance for startups; it’s about demonstrating to your clients and stakeholders that you take data security seriously.

Risk

Risk Data collection Backups Accountability

Manual vs Automated Risk Management: What You Need to Know

Centraleyes

MAY 5, 2024

Yet, while the consequences of such an attack can be severe – including data theft, financial loss, and reputational damage – the likelihood and severity of a specific company falling victim to a sophisticated cyberattack may vary. How do traditional manual methods fare against today’s digital threats?

Risk

Risk Data collection Cyber Risk Cybersecurity

Risk and Regulation: A Strategic Guide to Compliance Risk Assessment

Centraleyes

MARCH 3, 2024

Compliance Risk Assessments For a Dynamic Regulatory Terrain Crafting an effective compliance program is no one-size-fits-all endeavor; it involves tailoring a comprehensive strategy that addresses your company’s unique needs and confronts specific challenges head-on. Compliance Risk Assessment: Who, What, Where, When, and How?

Risk

Risk Technology Accountability Marketing

Data Loss Prevention: Best Practices for Secure Data Management

Centraleyes

APRIL 16, 2024

Cyber Data loss can lead to severe consequences, including financial losses, damage to reputation, and legal repercussions. Section 1: Understanding the Dynamics of Data Loss Prevention What is Data Loss Prevention? This involves defining clear policies, procedures, and data ownership throughout its lifecycle.

Encryption

Encryption Education Risk Healthcare

Executive Business Reviews with Duo Care Help Companies Reach Security Goals

Duo's Security Blog

FEBRUARY 15, 2023

You might recognize the term executive business review. You might have heard it called Health Check, Account Review, Quarterly Business Review, Report Card, or something else. Customer Success teams at different SaaS companies have called these meetings any number of things - but what do the meetings actually entail?

Engineering

Engineering Accountability Information Security CISO

7 Things Every CISO Needs to Know About PKI

Security Boulevard

OCTOBER 7, 2022

7 Things Every CISO Needs to Know About PKI. Why Public Key Infrastructure Is So Important. A public key infrastructure (PKI) is responsible for supporting public encryption keys while also enabling users and computers to safely exchange data over networks and verify the identity of other parties. Alexa Cardenas.

CISO

CISO Risk Cyber Attacks Technology

Too Many Security Testing Tools? Here Are 5 Things Your Devsecops Tools Should Do

ForAllSecure

MAY 30, 2023

But there are a lot of tools out there, and you don’t want to purchase tools that won’t be used or more tools than you need. So what DevSecOps tools do you need? And what’s the best way to buy as few tools as possible while still conducting comprehensive security testing?

Software

Software Penetration Testing Marketing Technology

The Hacker Mind Podcast: So You Want To Be A Pentester

ForAllSecure

FEBRUARY 23, 2021

Then I sat down and talked to an astronomer, and found out that much of his time was spent writing proposals, getting shot down, then writing new proposals, then, once the proposal was approved by the department, negotiating time on the massive university telescope -- all of which means maybe you get a few hours of actual sky time each year.

Penetration Testing

Penetration Testing InfoSec Cyber Attacks Education

The Hacker Mind Podcast: So You Want To Be A Pentester

ForAllSecure

FEBRUARY 23, 2021

Then I sat down and talked to an astronomer, and found out that much of his time was spent writing proposals, getting shot down, then writing new proposals, then, once the proposal was approved by the department, negotiating time on the massive university telescope -- all of which means maybe you get a few hours of actual sky time each year.

Penetration Testing

Penetration Testing InfoSec Cyber Attacks Education

The Weakest Link: Managing Supply Chain Risk

Approachable Cyber Threats

DECEMBER 21, 2023

This blog post will explore the evolving threat landscape of supply chain attacks, highlighting recent statistics and offering practical recommendations for organizations looking to strengthen their cybersecurity posture. What are supply chain attacks? Why does it seem like supply chain attacks are increasing?

Risk

Risk Cybersecurity Software Government

4 Critical Capabilities Your Cyber Risk Management Tools Should Have

Centraleyes

JANUARY 7, 2024

A single data breach can compromise your ability to operate, generate revenue, and ruin the reputation you’ve spent years building with your clients, business partners, and vendors. While you can hire the services of third-party consultants, you may lose a certain level of control over your organizational risks.

Cyber Risk

Cyber Risk Risk Penetration Testing Cybersecurity

The Weakest Link: Managing Supply Chain Risk

Approachable Cyber Threats

DECEMBER 21, 2023

This blog post will explore the evolving threat landscape of supply chain attacks, highlighting recent statistics and offering practical recommendations for organizations looking to strengthen their cybersecurity posture. What are supply chain attacks? Why does it seem like supply chain attacks are increasing?

Risk

Risk Cybersecurity Software Government

Best Practices for Application Security in the Cloud

Security Boulevard

JANUARY 27, 2022

AppSec teams may need to coordinate with security and ops teams from cloud service providers (CSPs) to ensure proper coverage and to adapt cloud-specific best practices. This blog covers AppSec cloud best practices and offers a basic framework on how to think about cloud AppSec. Why Cloud AppSec is Shifting Left.

Software

Software Risk Encryption Accountability

The Hacker Mind: Follow The Rabbit

ForAllSecure

MARCH 30, 2022

It’s about how they started with a deliberately misconfigured version of CosmosDB and ended up with complete unrestricted access to the accounts and the databases of thousands of Microsoft Azure customers. Owner: May I help you with something? Then I decided to hack you. I know you run a website called Plato’s Boys.

Firewall

Firewall Authentication Encryption Accountability

Advanced Phishing 201: How to Prevent Phishing from Impacting Your Users

Duo's Security Blog

MAY 10, 2023

Why is layered security essential against phishing? As mentioned in our previous post breaking down what modern-day phishing attacks look like , experts recommend that a layered approach to security can prevent single-point vulnerabilities and catch the most phish. PCI DSS, HIPAA, etc.)

Phishing

Phishing DNS Authentication Risk

API Security 101

Security Boulevard

NOVEMBER 18, 2021

The top ten vulnerabilities that threaten your API, how to identify them, and how to prevent them. Today, let’s go through each of these vulnerabilities to understand how they happen, how to identify them, and how to prevent them. There is no identity check in place before users access individual data objects.

Authentication

Authentication Accountability Passwords Engineering

LockBit is back and threatens to target more government organizations

Security Affairs

FEBRUARY 25, 2024

Last week, a joint law enforcement action, code-named Operation Cronos , conducted by law enforcement agencies from 11 countries disrupted the LockBit ransomware operation. The NCA will reach out to victims based in the UK in the coming days and weeks, providing support to help them recover encrypted data. ” wrote the gang.

Government

Government Hacking Cryptocurrency Penetration Testing

Cyber Security Informer

What Is Data Auditing? Why You Need It & How to Conduct It

SHARED INTEL Q&A: My thoughts and opinions about cyber threats — as discussed with OneRep

Webinars

Trending Sources

The 5 C’s of Audit Reporting

Webinars

A Full Guide to Achieving SOC 2 Certification for Startups

Manual vs Automated Risk Management: What You Need to Know

Risk and Regulation: A Strategic Guide to Compliance Risk Assessment

Data Loss Prevention: Best Practices for Secure Data Management

Executive Business Reviews with Duo Care Help Companies Reach Security Goals

7 Things Every CISO Needs to Know About PKI

Too Many Security Testing Tools? Here Are 5 Things Your Devsecops Tools Should Do

The Hacker Mind Podcast: So You Want To Be A Pentester

The Hacker Mind Podcast: So You Want To Be A Pentester

The Weakest Link: Managing Supply Chain Risk

4 Critical Capabilities Your Cyber Risk Management Tools Should Have

The Weakest Link: Managing Supply Chain Risk

Best Practices for Application Security in the Cloud

The Hacker Mind: Follow The Rabbit

Advanced Phishing 201: How to Prevent Phishing from Impacting Your Users

API Security 101

LockBit is back and threatens to target more government organizations

Stay Connected