SC Magazine

JANUARY 29, 2021

If or when more attacks are uncovered, end-user organizations will need to apply the lessons learned from SolarWinds and prepare to take swift and decisive action, infosec experts agreed in a series of interviews with SC Media. Hard reality check.

InfoSec 97

InfoSec CISO Media Software 97

NopSec

MARCH 18, 2016

Scanning is an important part of a well-established vulnerability risk management program. Vulnerability scanners allow you to identify the threats and weaknesses in your network. It also affords minimal compliance for companies subject to less stringent security rules, contributing to a false sense of security and system safety.

InfoSec 40

InfoSec Risk Cyber threats Network Security 40

SC Magazine

APRIL 26, 2021

“You can really make sure that you use this product across multiple things – RDP, VPN, email – all that are constantly being attacked,” said Sanders, noting that ABCWUA’s solution from Cisco and Duo Security processes over 12,000 authorizations per month. However, such modernization is not without risk.

CISO 82

CISO IoT VPN InfoSec 82

Herjavec Group

OCTOBER 12, 2021

Your IAM solution is likely to be the most used component of your organization’s cybersecurity program and by almost every member of your team whether they are part of the IT/Security, Risk, Audit, Business, or Administration teams. Neglecting Resilient Third-Party Risk Management.

Technology 52

Technology Cybersecurity Digital transformation Risk 52

Security Boulevard

OCTOBER 12, 2021

But there are security principles every development and IT team can follow to reduce the risks of a damaging breach. Successful cyberattacks often start at the “network perimeter”. Machines that don’t sit on the network perimeter are often treated differently. Principle One: Zero Trust.

Social Engineering 76

Social Engineering Penetration Testing Authentication Engineering 76

ForAllSecure

JANUARY 15, 2021

And what parallels might infosec learn from COVID-19? In this episode, Mike Ahmadi draws on his years of experience in infosec, his years hacking medical devices. Using older software within your own software always carries risk. Microsoft, for example, stopped patching Windows XP for security vulnerabilities in 2014.

Healthcare 52

Healthcare Hacking InfoSec Software 52

ForAllSecure

JANUARY 15, 2021

And what parallels might infosec learn from COVID-19? In this episode, Mike Ahmadi draws on his years of experience in infosec, his years hacking medical devices. Using older software within your own software always carries risk. Microsoft, for example, stopped patching Windows XP for security vulnerabilities in 2014.

Healthcare 52

Healthcare Hacking InfoSec Software 52

eSecurity Planet

DECEMBER 19, 2023

Bottom line: Prepare now based on risk. Without guidelines, organizations risk unfettered use of AI, risks of data leaks, and no recourse for unethical AI use within the organization. Also consider learning about the top governance, risk, and compliance tools to identify the best one for you.

Cybersecurity 140

Cybersecurity CISO Government Technology 140

Security Boulevard

MARCH 18, 2024

The post Zero-Trust Network Access: Why so Many Teams Get it Wrong appeared first on Security Boulevard. Zero-trust encompasses a variety of technologies, from strong identity systems to microsegmentation. Why are so many organizations getting it wrong?

Technology 76

Technology Data privacy Security Awareness InfoSec 76

eSecurity Planet

DECEMBER 3, 2021

His contributions include founding Security BSides, serving as Strategist for Tenable, speaking at conferences, and co-hosting the podcast Security Voices. How to screen for natural infosec talent: Ask for a worst case scenario for any common situation. Markstedter actively contributes to filling the infosec education gap.

Accountability 139

Accountability Cybersecurity Penetration Testing InfoSec 139

eSecurity Planet

MAY 6, 2021

Since 1991, SonicWall has offered the newest network security solutions, and the Network Security appliance (NS a ) remains an advanced option fit for mid-sized networks. Advanced security techniques like virtual patch deployment , deception and misdirection, and honey potting. OWASP Top Ten.

Firewall 52

Firewall DDOS Marketing Technology 52

Security Boulevard

DECEMBER 20, 2023

Plus, it takes time to remediate vulnerabilities, so you’re always left with a period of time where you’re going to have some amount of unaddressed risk in your landscape. InfoSec and SOC teams are often under-resourced and new to SAP systems.

Ransomware 62

Ransomware Threat Detection InfoSec Network Security 62

Notice Bored

NOVEMBER 4, 2021

Networking security : risks associated with data and social networks. Information security incident management : unique or general? Backup : there's more to information risk management than cyber! Asset management : using templates/models to develop your policies. You'd be wasting value.

Information Security 56

Information Security Risk InfoSec Backups 56

SecureWorld News

DECEMBER 13, 2021

The reveal happened Friday, December 10, in part through Cybersecurity and Infrastructure Security Agency Director Jen Easterly: "This vulnerability, which is being widely exploited by a growing set of threat actors, presents an urgent challenge to network defenders given its broad use. December 10, 2021.

InfoSec 88

InfoSec Cybersecurity Cyber Risk Risk 88

The Falcon's View

AUGUST 29, 2017

There is already a well-established sub-field within information security (infosec) known as " Behavioral Information Security." However, I did find a reference to "behavioral security" dating back to May 2004 (see "Behavioral network security: Is it right for your company?" ).

Information Security 45

Information Security InfoSec Social Engineering Security Awareness 45

Security Boulevard

SEPTEMBER 23, 2021

All organizations must have security awareness training programs to teach basics to end users. The post CISO Stories Podcast: Fiscally Responsible Ways to Train and Build Community appeared first on Security Boulevard. Similarly, the technical teams need to be exposed to flexible training that is interesting to them.

CISO 52

CISO Security Awareness Risk InfoSec 52

Security Boulevard

NOVEMBER 8, 2021

As the CEO of a cybersecurity company, it’s important to stay informed--to know about breaking news, emerging threats, and rising trends to provide direction for the company and protection for our customers. One story that stood out to me last week was the news that CISA issued a new directive to federal agencies.

Cybersecurity 52

Cybersecurity Government InfoSec Risk 52

SC Magazine

MARCH 2, 2021

House Oversight and Homeland Security committees last week, SolarWinds’s former and current CEOs blamed an intern for creating a weak FTP server password and leaking it on GitHub – an act which may or may not have contributed to a supply chain hack that impacted users of the tech firm’s Orion IT performance monitoring platform.

Passwords 129

Passwords Password Management CISO InfoSec 129

ForAllSecure

APRIL 26, 2022

Is it balance between the monkey that the myths and all of that to explaining the risks explaining the probability explaining what can what can happen and you know, in an honest way, Vamosi: I think the nuances are more interesting the the realities of what can fail and could happen. The risk still isn’t clear enough.

Hacking 52

Hacking Energy and Utilities Manufacturing Firmware 52

ForAllSecure

AUGUST 2, 2022

Vamosi: DEF CON turns 30 This year what began simply as a going away party for a coworker has since evolved over the decades into an annual summer tradition for InfoSec leaders in Las Vegas, which now includes other events such as besides Las Vegas, Diana is known as hackers summer camp. Again, all all around the InfoSec community.

Hacking 40

Hacking Computers and Electronics InfoSec Software 40

Cisco Security

AUGUST 26, 2021

We constantly see new threats, and threat vectors, come and go; which puts a tremendous strain on the InfoSec teams that have to protect organizations and businesses from these threats. At the same time companies saw security resources in their organizations dwindle, leaving defenders to cope up with the onslaught of attacks.

Technology 110

Technology Firewall VPN Authentication 110

Cisco Security

JUNE 25, 2021

First of all, while I am honoured and deeply thankful for the recognition, I believe strongly that Security is a team effort and I must acknowledge the superb InfoSec team in Steward but also the Steward workforce. I thank you all for keeping our patients safe and secure! I need to be able to mitigate risk in near-real time.

CISO 74

CISO Healthcare InfoSec Computers and Electronics 74

eSecurity Planet

MAY 5, 2021

Breach and attack simulation (BAS) is a relatively new IT security technology that can automatically spot vulnerabilities in an organization’s cyber defenses, akin to continuous, automated penetration testing. CyCognito is committed to exposing shadow risk and bringing advanced threats into view. DXC Technology. 5 stars.

Penetration Testing 67

Penetration Testing Risk Technology Marketing 67