CISO and DNS - Cyber Security Informer

GUEST ESSAY: Addressing DNS, domain names and Certificates to improve security postures

The Last Watchdog

DECEMBER 6, 2019

In 2019, we’ve seen a surge in domain name service (DNS) hijacking attempts and have relayed warnings from the U.S. In the enterprise environment, domain names, DNS, and certificates are the lifeline to any internet-based application including websites, email, apps, virtual private networks (VPNs), voice over IP (VoIP) and more.

DNS

DNS Firewall Social Engineering Risk

A Reactive Cybersecurity Strategy Is No Strategy at All

CyberSecurity Insiders

MAY 18, 2022

A foundational approach to cybersecurity empowers CISOs to see abnormalities and block threats before they do damage. By increasing visibility into DNS traffic, CISOs can detect, block, and respond to incidents more quickly as well as use this data to institute new controls and increase overall resiliency.

DNS

DNS Cybersecurity CISO Social Engineering

Five considerations for cloud migration, from the House of Representatives CISO

SC Magazine

MAY 18, 2021

“It’s about how you can do your business mission” in a different environment, with its own requirements for protecting data, Vickers said during his talk at the RSA Show’s Cloud Security Alliance CISO Summit. The post Five considerations for cloud migration, from the House of Representatives CISO appeared first on SC Media.

Cloud Migration

Cloud Migration CISO Firewall DNS

Reflections on third-party validation of HYAS capabilties

Security Boulevard

MAY 10, 2023

I remember when a CISO from a health care client called me to understand whether we were aligned from a moral standpoint, both as individuals, and as companies. By utilizing unique and bespoke data, assembled and correlated in the right way, HYAS has actually created the most effective Protective DNS solution on the planet.

DNS

DNS CISO Architecture Data privacy

How do you know?

Security Boulevard

MAY 18, 2021

Do your DNS queries all have responses, and are they what you expected? By Charles Strauss, Senior Brand Copywriter, Corelight Can you be sure attackers aren’t hiding in your encrypted traffic? Can your investigators go back 18 months ago to find what they need? Do your alerts mean something, or nothing? How do you know? .Read Read more ».

DNS

DNS Encryption CISO Network Security

A roadmap for developing a secure enterprise cloud operating model

SC Magazine

JUNE 4, 2021

Network security: Includes Direct Connect (DC) private and public interfaces; DMZ, VPC, and VNet endpoints; transit gateways; load balancers; and DNS. CISOs need to lead from the front and take an active role in the evangelization and implementation of cloud security controls under the auspices of a secure enterprise cloud operating model.

Penetration Testing

Penetration Testing DNS Technology CISO

Attack Surface Management for the Adoption of SaaS

CyberSecurity Insiders

SEPTEMBER 20, 2022

Earlier this year, I had the opportunity to speak before a group of CISOs about the topic of attack surface management (ASM). DNS subdomain scanning is a useful tactic to discover internet-exposed SaaS application portals and their APIs. By Alfredo Hickman, head of information security, Obsidian Security.

Threat Detection

Threat Detection Risk Penetration Testing DNS

Security Roundup January 2021

BH Consulting

JANUARY 12, 2021

In the words of Duo Security’s Head of Advisory CISOs Wendy Nather, “This is not a marketing report to toss in your swag bag and ignore …this report will change how we think about running infosec programs.” Six Open Source tools for your security team MORE Finding SUNBURST victims using passive DNS. Links we liked.

Data privacy

Data privacy InfoSec DNS CISO

Quantum Computing: A Looming Threat to Organizations and Nation States

SecureWorld News

SEPTEMBER 7, 2023

As for the panel presentation at SecureWorld Denver , it features Edgar Acosta, Experienced Cybersecurity Professional (former CISO at DCP Midstream ); Craig Hurter, Sr. Director of Information Security, State of Colorado Governor's Office of Information Technology; and Toby Zimmerer, Sr. Demand and Delivery Director, Optiv.

Encryption

Encryption Technology Risk Architecture

Using Proactive Intelligence Against Adversary Infrastructure

Security Boulevard

FEBRUARY 7, 2024

Germany-based independent security evaluators AV-TEST found that HYAS Protect Protective DNS is the most effective operational resiliency solution on the market today to drive business continuity and continued operations. While businesses’ entire security stacks do matter, it’s impossible to stop all nefarious activity beforehand.

DNS

DNS Architecture Marketing Cyber threats

The Biggest Lessons about Vulnerabilities at RSAC 2021

eSecurity Planet

MAY 28, 2021

While CIOs, CISOs, and purchasing managers often make a faith-based decision on software, greater accountability in software development starting below the OS can lead to more data and risk-driven decisions. Also Read: How to Prevent DNS Attacks. Supply Chain Attacks.

Software

Software DNS Firmware VPN

Addressing Remote Desktop Attacks and Security

eSecurity Planet

MARCH 25, 2022

On a Sunday in February 2018, the Colorado CISO’s office set up a temporary server to test a new cloud-based business process. As CISO Debbi Blyth put it, “The server was discovered almost immediately by the attackers.” A few days later, IT systems started malfunctioning with ransom messages following.

VPN

VPN Software Authentication Encryption

What’s New in the Federal Zero Trust Strategy?

Duo's Security Blog

JANUARY 28, 2022

This includes the use of cloud based infrastructure Applications — tested internally and externally Data — categorized and tagged using cloud security services and enterprise logging capabilities What’s Notable in the Memo?

Authentication

Authentication Government DNS Encryption

2024 State of Cybersecurity: Reports of More Threats & Prioritization Issues

eSecurity Planet

MAY 2, 2024

50,000 DDoS attacks on public domain name service (DNS) resolvers. 553% increase in DNS Flood attacks from 1H 2020 to 2H 2023. DDoS attacks on single networks or websites render them unavailable, but DDoS attacks on DNS resolvers bring down all networks and websites using that DNS resource.

Cybersecurity

Cybersecurity DDOS Penetration Testing Passwords

Cyber Security Informer

GUEST ESSAY: Addressing DNS, domain names and Certificates to improve security postures

A Reactive Cybersecurity Strategy Is No Strategy at All

Trending Sources

Five considerations for cloud migration, from the House of Representatives CISO

Reflections on third-party validation of HYAS capabilties

How do you know?

A roadmap for developing a secure enterprise cloud operating model

Attack Surface Management for the Adoption of SaaS

Security Roundup January 2021

Quantum Computing: A Looming Threat to Organizations and Nation States

Using Proactive Intelligence Against Adversary Infrastructure

The Biggest Lessons about Vulnerabilities at RSAC 2021

Addressing Remote Desktop Attacks and Security

What’s New in the Federal Zero Trust Strategy?

2024 State of Cybersecurity: Reports of More Threats & Prioritization Issues

Stay Connected