Cyber Security Informer

'Cybersecure My Business' Program Trains SMB Owners to Manage Cyber Risk

SecureWorld News

APRIL 18, 2024

As exemplified by the recent Change Healthcare attack , cyber incidents can threaten business owners' livelihood, their customers, and people who rely on their products and services. "We This program is taught using 'business language' to empower SMB operators to engage with IT, vendors, and customers from a place of knowledge."

Cyber Risk

Cyber Risk Risk Cybersecurity Small Business

Black Hat Fireside Chat: Horizon3.ai makes a strong case for continuous, self-service pentesting

The Last Watchdog

AUGUST 7, 2023

One of the hot topics at Black Hat USA 2023 , which ramps up here this week in the desert heat, is how automation and machine learning are underpinning pentesting solutions deeply and continuously. However, manual pentests never really were very effective at shining a light on emerging cyber exposures of the moment. Enter advanced pentesting.

Penetration Testing

Penetration Testing Internet Internet Network Security

Find Security Flaws in Your Dart & Flutter Applications: Veracode Expands Mobile Application Security Support

Veracode Security

AUGUST 7, 2023

Veracode takes a highly considered approach to selecting… How Does Veracode Prioritize Languages and Frameworks to Support? How Does Veracode Prioritize Languages and Frameworks to Support? There are more languages and frameworks than resources and time to support them. This means prioritization is key.

Mobile

Best Practices Q&A: Guidance about what directors need to hear from CISOs — from a board member

The Last Watchdog

APRIL 8, 2024

This suggests that CISOs must take a strategic approach, Pegueros observed, which includes building relationships up the chain of command and mastering the art of framing messages to fit the audience. Compliance brings visibility to a topic. Enterprise customers are demanding and driving the conversation around cybersecurity.

CISO

CISO Risk Cybersecurity Insurance

Weekly Update 207

Troy Hunt

SEPTEMBER 4, 2020

References I've been really carefully planning the timing of my talks for years now (dug this tweet out as a reminder of how valuable this approach has been) Thread here on installing the new RGB LED downlights (no, this is not my bedroom!)

Passwords

Passwords Encryption Risk

News alert: Hornetsecurity launches new podcast series all about overcoming cybersecurity risks

The Last Watchdog

AUGUST 31, 2023

The informative and educational series has already looked at topics such as AI and whether ChatGPT could conduct a cyberattack, discussions around Hornetsecurity’s recent compliance survey, as well as a conversation with Microsoft Certified Trainer on how secure Microsoft 365 actually is. For more information, visit www.hornetsecurity.com.

Cybersecurity

Cybersecurity Risk Education Backups

Nine Top of Mind Issues for CISOs Going Into 2023

Cisco Security

JANUARY 10, 2023

Here are the topics that I think will be top of mind in 2023, and what CISOs can do to prepare. One aspect that has come to the fore this year is the CISO’s position as ‘guardian of customers’ private data’ in the event of a breach, and their responsibilities over the level of disclosure they later provide. CISO in the firing line.

CISO

CISO Insurance Cyber Insurance Phishing

Cisco’s 7 Guiding Principles of Government Data Demands

Cisco Security

MARCH 1, 2022

At Cisco, we empower our customers to control their data. In a world of advancing cyberthreats, expanding extraterritorial legislation, and growing concerns for data localization, we understand technology companies have an outsized responsibility to ensure customers have the power to make important decisions about their data.

Government

Government Surveillance Technology Software

The Most Popular Data Security Webinars of 2022: Sovereignty, Cloud Security and Compliance Top the List

Thales Cloud Protection & Licensing

JANUARY 11, 2023

Throughout 2022, Thales hosted more than 40 webinars on a wide variety of cybersecurity topics, including, cloud security, data sovereignty, compliance, data threat trends, and rethinking approaches to role-based authentication. SAP and Thales have worked together to solve these challenges for financial services customers.

Financial Services

Financial Services Threat Reports Architecture Technology

STEPS FORWARD Q&A: Will ‘proactive security’ engender a shift to risk-based network protection?

The Last Watchdog

OCTOBER 4, 2023

In a keynote address, Omdia’s Eric Parizo, managing prinicipal analyst, and Andrew Braunberg, principal analyst, unveiled an approach they coined as “proactive security.” LW: Can you characterize what’s happening in the field today with early adopters of this approach? Is that fair? Braunberg: Absolutely. LW: Anything else?

Risk

Risk Marketing Software Network Security

A SOC Tried To Detect Threats in the Cloud … Your Won’t Believe What Happened Next

Anton on Security

MAY 27, 2021

In this post, I wanted to quickly touch on this very topic and refresh some past analysis of this (and perhaps reminisce on how sad things were in 2012 ). There were also cases where both business and IT migrated to the cloud, but security was left behind and had to approach cloud challenges with on-premise tools and practices.

Cloud Migration

Cloud Migration Architecture Technology Government

GUEST ESSAY: The case for an identity-first approach ‘Zero Trust’ privileged access management

The Last Watchdog

SEPTEMBER 26, 2022

As enterprises continue to fall victim to increasingly complex attacks, there’s one topic that cybersecurity professionals and vendors can agree on: the importance of Zero Trust. With a ZSP approach to identity management though, organizations can more successfully ensure the identity leg of the Zero Trust tripod is powerful and secure.

Ransomware

Ransomware Passwords Data breaches Accountability

From Google Cloud Blog: “New Cloud Security Podcast by Google is here”

Anton on Security

FEBRUARY 26, 2021

This podcast will bring you stories and insights on security in the cloud, delivering security from the cloud, and, of course, on what we’re doing at Google Cloud to help keep customer data safe and workloads secure. If you have topics you’re interested in hearing about, please reach out and let us know.

Cloud Migration

Cloud Migration Network Security Banking Media

Selecting the right MSSP: Guidelines for making an objective decision

SecureList

MARCH 30, 2023

Here are some of the most common security services provided by MSSPs: Security Monitoring 24/7 monitoring of the organization’s network, systems, and applications to identify potential security threats and anomalies; can be provided as an on-premises solution (when data must not leave the customer infrastructure) or as a service.

Technology

Technology Marketing Risk Threat Detection

Breaking Down User Activity Monitoring Tools: Security and HR Perspectives

SecureWorld News

JANUARY 4, 2024

Actually, there are two main approaches to implementing UAM solutions. The second approach is proactive, where companies install these systems to proactively gather valuable insights, as helpful information is bound to emerge. Some potential customers express concerns about system and network loads.

Data collection

Data collection Artificial Intelligence Surveillance Risk

Data Protection Day 2024: In Privacy We Trust

BH Consulting

JANUARY 28, 2024

Without trust, relationships between employees, customers, and other stakeholders can quickly deteriorate, leading to a breakdown in communication and collaboration. When leaders reveal their trip-ups and failures, they are seen as more approachable and less arrogant, but showing vulnerability isn’t always easy. Show vulnerability.

Authentication

Authentication Firewall Data breaches Risk

ROUNDTABLE: Targeting the supply-chain: SolarWinds, then Mimecast and now UScellular

The Last Watchdog

FEBRUARY 3, 2021

21 disclosed how cybercriminals broke into its Customer Relationship Management (CRM) platform as a gateway to compromise the cell phones of an undisclosed number of the telecom giant’s customers. The SolarWinds hack came to light in mid-December and has since become a red hot topic in the global cybersecurity community.

Phishing

Phishing Hacking Accountability Social Engineering

GUEST ESSAY: Now more than ever, companies need to proactively promote family Online Safety

The Last Watchdog

FEBRUARY 15, 2021

By taking a multi-generational approach to workforce security education programs, companies can strengthen their security postures to thrive in a changing landscape, while also supporting families. Tools and approaches. Cybersecurity education programs that target families are smart, cost-effective, and serve corporate goals.

Education

Education CISO Security Awareness Cybersecurity

Cybersecurity Collaborative’s Cloud Security Task Force to provide guidance for digital transformation

SC Magazine

MAY 18, 2021

Cloud security is a more than a hot topic, it’s an imperative,” said Collaborative Executive Director Parham Eftekhari. With member organizations advancing their learning at such a rapid pace the value of pooling knowledge and resources grows greater.”.

Digital transformation

Digital transformation Cloud Migration Cybersecurity CISO

2022 Cybersecurity Trends and Predictions

CyberSecurity Insiders

NOVEMBER 26, 2021

To borrow a poker metaphor, those topics are table stakes. RansomOps take a low and slow approach—infiltrating the network and spending time moving laterally and conducting reconnaissance to identify and exfiltrate valuable data. Beyond the Buzzwords. 2022 Cybersecurity Predictions. In both cases, the concept is the same.

Cybersecurity

Cybersecurity Ransomware Risk Artificial Intelligence

Introducing Horizons

Thales Cloud Protection & Licensing

OCTOBER 24, 2018

Thales invests heavily in research and development to ensure our customers keep pace with the demands of the global security ecosystem. The name “Horizons” stems from our approach to research, which spans three different event horizons. If any topics particularly pique your interest, please let us know by leaving a comment below.

Technology

Technology Information Security

Who Owns Your Wireless Service? Crooks Do.

Krebs on Security

AUGUST 7, 2019

Wireless providers selling real-time customer location data, despite repeated promises to the contrary. If you are somehow under the impression that you — the customer — are in control over the security, privacy and integrity of your mobile phone service, think again. AT&T in particular has had a rough month.

Wireless

Wireless Mobile Banking Authentication

Meet Thales at the KuppingerCole European Identity and Cloud Conference 2023

Thales Cloud Protection & Licensing

MAY 3, 2023

Thales will have a strong presence at the Conference, with our executives discussing pressing issues around identity management, customer IAM, and authentication. Thales and Microsoft experts will discuss the role of FIDO and other phishing-resistant authentication methods like CBA in achieving a Zero Trust approach.

B2B

B2B Authentication Phishing Marketing

Using social media as a tool to share knowledge on day-to-day Cybersecurity risks

CyberSecurity Insiders

JUNE 8, 2023

Of course, if you do fall into a tech niche and have an audience that’s interested specifically in cybersecurity, you can certainly post on social media about the topic. Let’s look at how cybersecurity topics can be approached from a variety of industry angles. This will instill trust in your brand.

Media

Media Risk Cybersecurity Education

Policy development process: phase 2

Notice Bored

APRIL 18, 2021

Today we completed and published a new "topic-specific" information security policy template on clear desk and screen. The approach we've taken is to mention this aspect and recommend just a few key controls, hoping that workers will get the point.

Risk

Risk Information Security InfoSec Mobile

Safeguarding Ethical Development in ChatGPT and Other LLMs

SecureWorld News

AUGUST 7, 2023

This is Part 1 of a three-part series tackling the topic of generative AI tools. This first installment is "Safeguarding Ethical Development in ChatGPT and Other LLMs through a Comprehensive Approach: Integrating Security, Psychological Considerations, and Governance."

Technology

Technology Risk Government Engineering

Machine Learning is a Must for API Security

IT Security Guru

SEPTEMBER 13, 2023

The topic of whether to have ML-driven API security has now given way to how to obtain the best level of business protection. The combination of advanced Machine Learning capabilities and a comprehensive approach to API security can help businesses prevent API attacks and reduce their impact should an abuse is detected.

Digital transformation

Digital transformation Data breaches Artificial Intelligence Firewall

AT&T Business Summit is virtual Oct. 27-28 and free!

CyberSecurity Insiders

SEPTEMBER 27, 2021

Given how critical security is to digital transformation and our ability to innovate, we’ve got a robust line-up of cybersecurity topics – from SASE to zero trust and the technologies you need to help protect your business. And it’s jam-packed with cybersecurity talks! Speakers: Todd Waskelis and Dan Solero.

Digital transformation

Digital transformation Ransomware Technology Cybersecurity

It’s a party! Cisco SecureX at RSAC and Cisco Live US 2022

Cisco Security

MAY 11, 2022

As you start planning your RSAC and Cisco Live 2022 experiences, we invite you to explore the progress we have made in offering radically simple security with a platform approach that is transformative to the industry and for our customers. Stop by our engaging theater sessions: Topic. Time (20 mins). HOLSEC-2001.a HOLSEC-2001.b

Firewall

Firewall Threat Detection Risk Engineering

SHARING INTEL: Here’s why it has become so vital to prioritize the security-proofing of APIs

The Last Watchdog

NOVEMBER 30, 2021

We spoke about how his company recently took a deep dive into six months of API data generated by its enterprise customers and found overall API traffic increased 141 percent, compared to the prior six months. Indeed, API security has become a red-hot topic. Traditional approaches just aren’t working or can’t scale.

Big data

Big data Digital transformation Accountability Software

From Google Cloud Blog: “New Cloud Security Podcast by Google is here”

Security Boulevard

FEBRUARY 26, 2021

This podcast will bring you stories and insights on security in the cloud, delivering security from the cloud, and, of course, on what we’re doing at Google Cloud to help keep customer data safe and workloads secure. If you have topics you’re interested in hearing about, please reach out and let us know. Future episodes. Learn more.

Cloud Migration

Cloud Migration Network Security Banking Media

A SOC Tried To Detect Threats in the Cloud … Your Won’t Believe What Happened Next

Security Boulevard

MAY 27, 2021

In this post, I wanted to quickly touch on this very topic and refresh some past analysis of this (and perhaps reminisce on how sad things were in 2012 ). There were also cases where both business and IT migrated to the cloud, but security was left behind and had to approach cloud challenges with on-premise tools and practices.

Cloud Migration

Cloud Migration Architecture Technology Government

Infrastructure Hygiene: Success and Consistency

Security Boulevard

MARCH 1, 2021

We went through the risks and challenges of infrastructure hygiene , and then various approaches for fixing the vulnerabilities. Let’s wrap up the series by seeing how this kind of approach works in practice and how we’ll organize to ensure the consistent and successful execution of an infrastructure patch. Mike Rothman. (0)

Risk

Risk Architecture Banking

The Best Way to Detect Threats In the Cloud?

Anton on Security

JULY 20, 2022

Even where servers remain, we predict growth in agentless approaches given their lower operational overhead for both the server workloads themselves and for security teams. While we are on the topic of doing detection from the cloud provider backplane, the question of durability of detection controls against attacker interference comes up.

Threat Detection

Threat Detection Cloud Migration Engineering Technology

Simplified Security with Purpose-Built Networking for Advanced Threat Detection

Cisco Security

MAY 12, 2021

T he complexity that comes with adding more security solutions in a layered approach isn’t helping anyone but the attackers. We know that we need to take a platform approach to integrate our security solutions , so that we can improve detection and automate our response , if we want to stay ahead of the malware economy.

Threat Detection

Threat Detection Engineering Network Security Malware

Six existential threats posed by the future of 5G (Part Two)

CyberSecurity Insiders

JULY 6, 2021

In our previous blog on this topic, we looked into how a virtual network infrastructure, combined with the use of an unprecedented volume of data, and the introduction of the IoT on 5G networks, all posed a significant challenge to mobile operators in their desire to create secure 5G. Meeting Rising Customer Onboarding Expectations.

Mobile

Mobile Internet Internet IoT

National Day of Unplugging – how switching off can boost business security

Thales Cloud Protection & Licensing

MARCH 6, 2020

In my family, we regularly ‘unplug’ and use the opportunity to discuss cyber awareness and topics such as the risks to our family information, how we can improve personal safety, and what are we doing to prevent identify theft. But it’s also a chance to step back and re-evaluate our online usage. A new generation of workers is on its way in.

Encryption

Encryption Authentication Passwords CISO

Top of Mind Security Insights from In-Person Interactions

Cisco Security

JUNE 30, 2022

The past few months have been chockfull of conversations with security customers, partners, and industry leaders. Zero trust offers organizations a simpler approach to securing access for everyone, from any device, anywhere—all the while, making it harder for attackers. . Seeking a simpler, smarter ecosystem .

Digital transformation

Digital transformation Data privacy Identity Theft Data breaches

Passwordless Authentication – Going Beyond the Hype With 3 Key Considerations

Duo's Security Blog

MARCH 2, 2021

There’s no denying that passwordless is a hot topic. Modern IT environments are complex and replacing every authentication use case with passwordless technology will need a lot of planning and has to be a phased approach. Moreover, compromised passwords are still the leading cause of breach. What is Passwordless Authentication?

Authentication

Authentication Passwords Technology Mobile

Why are CEOs Cyber Resilient?

Cisco Security

AUGUST 14, 2023

The second was that cyber security is not a topic to interest a CEO but cyber resilience certainly is. The CEO should be agreeing on a Risk based approach and clearly expressing the importance of this is at the start. This observation led me to another topic. To draw a comparison. Built up over years. A major corporate asset.

CISO

CISO Risk Marketing Accountability

2017 AWS Re:Invent Recap: The evolution of innovation in the cloud

Thales Cloud Protection & Licensing

DECEMBER 11, 2017

For those of you that don’t already know, AWS Re:Invent is Amazon Web Services premier cloud conference for customers, partners, and industry professionals. Many topics were discussed at the conference, but there were two major themes this year that stood out to me. #1: 1: A shift in how people are transferring workloads to cloud.

Cloud Migration

Cloud Migration Technology Risk

A Conversation with Ken Modeste

Daniel Miessler

SEPTEMBER 2, 2019

It’s rare that I agree with someone so much on the topic of securing connected devices. He prefers a binary approach to ratings instead, such as saying something more like, “X product is UL Approved” Don’t give the customer work, just tell them they can buy it or not.

IoT

IoT Technology Cybersecurity Media

Ransomware Groups Reinvest Capital to Improve Attack Methods

CyberSecurity Insiders

SEPTEMBER 17, 2021

Instead of relaunching the same tried-and-true attacks that have generated their handsome profits, ransomware groups are using the money to invest in R&D, an approach resembling series A financing rounds. The attack impacted about 50 MSPs who use the RMM system. Ransomware is clearly going to remain a major concern for the long term.

Ransomware

Ransomware Cyber Attacks Software Cybersecurity

In case you missed it: check out what’s new with SecureX from Cisco Live!

Cisco Security

MARCH 31, 2021

For the first time ever, Cisco is bringing customers and partners from all around the world together for an all-in-one global event! This year at Cisco Live, we are turning it up for Cisco SecureX customers. Already a Cisco Security customer? We are moving that technology in house to take the weight off your shoulders.

Firewall

Firewall Technology Phishing Cybersecurity

'Cybersecure My Business' Program Trains SMB Owners to Manage Cyber Risk

Black Hat Fireside Chat: Horizon3.ai makes a strong case for continuous, self-service pentesting

Trending Sources

Find Security Flaws in Your Dart & Flutter Applications: Veracode Expands Mobile Application Security Support

Best Practices Q&A: Guidance about what directors need to hear from CISOs — from a board member

Weekly Update 207

News alert: Hornetsecurity launches new podcast series all about overcoming cybersecurity risks

Nine Top of Mind Issues for CISOs Going Into 2023

Cisco’s 7 Guiding Principles of Government Data Demands

The Most Popular Data Security Webinars of 2022: Sovereignty, Cloud Security and Compliance Top the List

STEPS FORWARD Q&A: Will ‘proactive security’ engender a shift to risk-based network protection?

A SOC Tried To Detect Threats in the Cloud … Your Won’t Believe What Happened Next

GUEST ESSAY: The case for an identity-first approach ‘Zero Trust’ privileged access management

From Google Cloud Blog: “New Cloud Security Podcast by Google is here”

Selecting the right MSSP: Guidelines for making an objective decision

Breaking Down User Activity Monitoring Tools: Security and HR Perspectives

Data Protection Day 2024: In Privacy We Trust

ROUNDTABLE: Targeting the supply-chain: SolarWinds, then Mimecast and now UScellular

GUEST ESSAY: Now more than ever, companies need to proactively promote family Online Safety

Cybersecurity Collaborative’s Cloud Security Task Force to provide guidance for digital transformation

2022 Cybersecurity Trends and Predictions

Introducing Horizons

Who Owns Your Wireless Service? Crooks Do.

Meet Thales at the KuppingerCole European Identity and Cloud Conference 2023

Using social media as a tool to share knowledge on day-to-day Cybersecurity risks

Policy development process: phase 2

Safeguarding Ethical Development in ChatGPT and Other LLMs

Machine Learning is a Must for API Security

AT&T Business Summit is virtual Oct. 27-28 and free!

It’s a party! Cisco SecureX at RSAC and Cisco Live US 2022

SHARING INTEL: Here’s why it has become so vital to prioritize the security-proofing of APIs

From Google Cloud Blog: “New Cloud Security Podcast by Google is here”

A SOC Tried To Detect Threats in the Cloud … Your Won’t Believe What Happened Next

Infrastructure Hygiene: Success and Consistency

The Best Way to Detect Threats In the Cloud?

Simplified Security with Purpose-Built Networking for Advanced Threat Detection

Six existential threats posed by the future of 5G (Part Two)

National Day of Unplugging – how switching off can boost business security

Top of Mind Security Insights from In-Person Interactions

Passwordless Authentication – Going Beyond the Hype With 3 Key Considerations

Why are CEOs Cyber Resilient?

2017 AWS Re:Invent Recap: The evolution of innovation in the cloud

A Conversation with Ken Modeste

Ransomware Groups Reinvest Capital to Improve Attack Methods

In case you missed it: check out what’s new with SecureX from Cisco Live!

Stay Connected