Cyber Security Informer

Best Practices Q&A: The importance of articulating how cybersecurity can be a business enabler

The Last Watchdog

APRIL 1, 2024

Related: Data privacy vs data security However, this remains a novel concept at most companies. The report, titled “ Embed Cybersecurity And Privacy Everywhere To Secure Your Brand And Business ,” argues for a paradigm shift. What should CIOs and CISOs expect going in; what basic rethinking do they need to do?

Cybersecurity

Cybersecurity CISO B2B Risk

On the Cybersecurity Jobs Shortage

Schneier on Security

SEPTEMBER 20, 2023

The numbers never made sense to me, and Ben Rothke has dug in and explained the reality : …there is not a shortage of security generalists, middle managers, and people who claim to be competent CISOs. They are not looking for someone interested in security. That makes a lot more sense, and matches what I experience.

Cybersecurity

Cybersecurity CISO Engineering Architecture

Juniper Support Portal Exposed Customer Device Info

Krebs on Security

FEBRUARY 9, 2024

Until earlier this week, the support website for networking equipment vendor Juniper Networks was exposing potentially sensitive information tied to customer products, including which devices customers bought, as well as each product’s warranty status, service contracts and serial numbers. Sunnyvale, Calif.

Artificial Intelligence

Artificial Intelligence Healthcare Accountability Banking

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

LW ROUNDTABLE: Cybersecurity takeaways of 2023 — and what’s ahead in 2024 ( part 3)

The Last Watchdog

DECEMBER 14, 2023

Last Watchdog posed two questions: •What should be my biggest takeaway from 2023, with respect to mitigating cyber risks at my organization? What should I be most concerned about – and focus on – in 2024? Nearly $400 million was lost as 28 Toyota production lines shut down. Their guidance: Snehal Antani , CEO, Horizon3.ai

Cybersecurity

Cybersecurity Marketing Encryption CISO

STEPS FORWARD Q&A: Will ‘proactive security’ engender a shift to risk-based network protection?

The Last Watchdog

OCTOBER 4, 2023

Related: What Cisco’s buyout of Splunk really signals We’re in the midst of driving towards a dramatically scaled-up and increasingly connected digital ecosystem. In a keynote address, Omdia’s Eric Parizo, managing prinicipal analyst, and Andrew Braunberg, principal analyst, unveiled an approach they coined as “proactive security.”

Risk

Risk Marketing Software Network Security

Weekly Update 305

Troy Hunt

JULY 21, 2022

3D printing woes, and somehow I managed to get through the explanation without reverting to a chorus of My Stick by a Bad Lip Reading (and now you'd got that song stuck in your head). Loads of data breaches this week and whilst "legacy", still managed to demonstrate how bad some practices remain today (hi Shadi.com 👋).

Data breaches

Data breaches Media

GUEST ESSAY: Best practices to shrink the ever-present risk of Exchange Server getting corrupted

The Last Watchdog

FEBRUARY 5, 2024

Fortunately, effective tools and wise best practices can help mitigate this this exposure enabling companies to indefinitely leverage Exchange Server as a productive, resilient and secure communications tool. Here are a few ‘dos:’ •Rigorous vulnerability management. Backup strategies.

Risk

Risk Backups Software Education

Best Practices Q&A: Guidance about what directors need to hear from CISOs — from a board member

The Last Watchdog

APRIL 8, 2024

Thus, presenting a sky-is-falling scenario to justify a fatter security budget, “does not resonate at the board level,” she said in her talk. And to some extent, they don’t always deal with the reality of what the situation really is. Board members must be very optimistic; they have to believe in the vision for the company.

CISO

CISO Risk Cybersecurity Insurance

FIRESIDE CHAT: Anchoring security on granular visibility, proactive management of all endpoints

The Last Watchdog

NOVEMBER 22, 2022

And securing endpoints has once more become mission critical. I had the chance to visit with Peter Constantine, Tanium’s Senior Vice President Product Management. I had the chance to visit with Peter Constantine, Tanium’s Senior Vice President Product Management. Related: Ransomware bombardments.

Internet

Internet Internet Network Security Technology

Crickets from Chirp Systems in Smart Lock Key Leak

Krebs on Security

APRIL 15, 2024

government is warning that “smart locks” securing entry to an estimated 50,000 dwellings nationwide contain hard-coded credentials that can be used to remotely open any of the locks. Brown said the exposure he found in Chirp’s products is “an obvious flaw that is super easy to fix.” out of a possible 10).

Software

Software Mobile Marketing Engineering

What Are the Top 10 MSP Challenges Today? (And Help Beating Them)

Heimadal Security

MARCH 18, 2024

Running a managed service provider (MSP) business is hugely rewarding. MSPs give their customers the tools to be productive. And owning your own company means you decide what kind of work you want to do. There are […] The post What Are the Top 10 MSP Challenges Today? But it’s not all a bed of roses.

GUEST ESSAY: The Top 10 cybersecurity shortfalls that put SMBs, enterprises at elevated risk

The Last Watchdog

APRIL 17, 2023

Even the most well-protected companies can be susceptible to attacks if they are not careful about a proactive approach towards cyber security. Here are a few of the top security weaknesses that threaten organizations today: Poor risk management. Anemic asset management. No organization is immune to cybersecurity threats.

Risk

Risk Cybersecurity Data breaches Cyber Attacks

MY TAKE: Is Satya Nadella’s ‘Secure Future Initiative’ a deja vu of ‘Trustworthy Computing?’

The Last Watchdog

MAY 3, 2024

SAN FRANCISCO — On the eve of what promises to be a news-packed RSA Conference 2024 , opening here on Monday, Microsoft is putting its money where its mouth is. Pressure redux But now, once again, Microsoft is feeling enough pressure from its enterprise customers to recalibrate its approach to security.

Software

Software Engineering Internet Internet

What is Kubernetes Governance?

Security Boulevard

DECEMBER 19, 2022

Kubernetes governance is the set of policies and procedures organizations adopt to define how Kubernetes is managed and maintained, and it is an essential part of how enterprises become production-ready at scale. Kubernetes governance includes management of Kubernetes resources, scheduling, upgrades, and role-based access control.

Government

SHARED INTEL: Poll shows companies pursuing ‘Digital Trust’ reap benefits as laggards fall behind

The Last Watchdog

FEBRUARY 21, 2024

According to DigiCert’s 2024 State of Digital Trust Survey results, released today , companies proactively pursuing digital trust are seeing boosts in revenue, innovation and productivity. The gap between the leaders and the laggards is growing,” says Brian Trzupek , DigiCert’s senior vice president of product. “If

Energy and Utilities

Energy and Utilities IoT Manufacturing Healthcare

What is School Management System

Security Boulevard

JANUARY 22, 2024

A school management system centralizes admin operations into a unified database improving efficiency, productivity & collaboration across school staff, teachers, parents & students. The post What is School Management System appeared first on SternX Technology.

Technology

Author Q&A: Here’s why the good guys must continually test the limitations of ‘EDR’

The Last Watchdog

OCTOBER 30, 2023

A new tier of overlapping, interoperable, highly automated security platforms must, over the next decade, replace the legacy, on-premise systems that enterprises spent multiple kings’ fortunes building up over the past 25 years. LW: From a macro level, do security teams truly understand their EDRs?

Engineering

Engineering Mobile Internet Internet

What To Look For in an Open Source Vulnerability Scanner

Veracode Security

JANUARY 4, 2024

One of the top security concerns we hear from technology leaders is about the security of open source software (OSS) and cloud software development. However, just because a solution scans open source does not mean you are ultimately reducing security risk with it. It represents an index of known vulnerabilities…

Risk

Risk Technology Software Government

Making Products That Are Kinder Than Necessary: A Product Designer’s Career Path

Duo's Security Blog

MAY 9, 2023

Principal Product Designer Jake Ingman feels lucky that he’s been able to find a role that combines his passion for cybersecurity, design and engineering. Bringing Minnesota nice to a kinder than necessary culture that values design has allowed Ingman to infuse Duo products with empathy while defining his product design career path.

Engineering

Engineering Cybersecurity

Better Together: How Duo Care Helps You Get Directly Involved With Product

Duo's Security Blog

FEBRUARY 19, 2024

The Cisco Duo team is filled with excellent researchers, designers, product managers, engineers, and more who know what we are doing when it comes to building a great product - but we also know that we are better together with input from our customers. This blog is part of the Duo Care Trusted Advisor series.

Engineering

Engineering Accountability Cybersecurity

What Our Security Experts Discussed at AWS re:Invent 2023

Veracode Security

DECEMBER 14, 2023

The landscape of coding is changing as developers embrace AI, automation, microservices, and third-party libraries to boost productivity. Learn about one of the latest innovations solving this in a recap of what our security experts discussed at AWS re:Invent 2023. While many AI-powered coding tools are designed to help write…

This Free Solution Provides Essential Third-Party Risk Management for SaaS

The Hacker News

NOVEMBER 30, 2023

Wing Security recently announced that basic third-party risk assessment is now available as a free product. But it raises the questions of how SaaS is connected to third-party risk management (TPRM) and what companies should do to ensure a proper SaaS-TPRM process is in place. What exactly is

Risk

What is Data Security Posture Management (DSPM)?

The Hacker News

AUGUST 1, 2023

Data Security Posture Management is an approach to securing cloud data by ensuring that sensitive data always has the correct security posture - regardless of where it's been duplicated or moved to. So, what is DSPM? Here's a quick example: Let's say you've built an excellent security posture for your cloud data.

What Is Patch Management and Why Is It Important?

SecureWorld News

FEBRUARY 7, 2024

IT administrators and operations managers are responsible for overseeing much of any given organization's incumbent security practices. Software, as we know, is increasingly prone to bugs and vulnerabilities, and must be kept in good working order to maintain worker and organizational productivity.

Firmware

Firmware Digital transformation Penetration Testing Risk

Luna HSMs FIPS 140-3 Validation

Thales Cloud Protection & Licensing

APRIL 3, 2024

Luna HSMs FIPS 140-3 Validation sparsh Wed, 04/03/2024 - 07:52 FIPS 140-3 and You, Part Two Awhile back, we shared that Thales Luna HSMs were about to kick-off the process of moving towards Federal Information Processing Standard (FIPS) 140-3 Level 3, the newest security standard to accredit cryptographic modules.

Firmware

Firmware Technology Backups Marketing

How to Protect Your Accounts with Multi-Factor Authentication

Duo's Security Blog

OCTOBER 13, 2023

In our last blog, we discussed using strong passwords and a password manager to provide better defense at the first layer of the authentication process. We’ll take a closer look at what MFA is, why we need it, how it strengthens identity verification and how you can enable it with Cisco Duo. What is MFA? " Try Duo today!

Authentication

Authentication Accountability Passwords Mobile

Systematically Bring to Light the Keys in Your Clouds

Thales Cloud Protection & Licensing

MAY 15, 2024

However, with all that the cloud offers, it has ushered in the need for more robust security controls, especially when storing sensitive and critical data. However, as data stores scale, so do the number of cryptographic keys that must be managed. The graphic shows the process of discovering your cloud-based key management service.

Encryption

Encryption Marketing Accountability

Why Technology Convergence is the Future of Cybersecurity

Security Boulevard

JANUARY 5, 2023

Most IT security functions have accrued multiple point products over the years. The idea is not in itself a bad one – find a product that does one thing really well and integrate it with the rest to deliver “best-of-breed” security. For many years that’s what enterprises aimed for.

Technology

Technology Cybersecurity CISO

10 Reasons why businesses need mobile device management (MDM)

CyberSecurity Insiders

APRIL 3, 2023

Mobile device management (MDM) refers to a type of software that allows businesses to manage, configure and secure mobile devices used by their employees. This helps them ensure security while providing their employees with access to the applications and data they need. MDM can help with this. MDM can help with this.

Mobile

Mobile Data breaches Cyber threats Software

Systematically Bring to Light the Keys in Your Clouds

Security Boulevard

MAY 15, 2024

However, with all that the cloud offers, it has ushered in the need for more robust security controls, especially when storing sensitive and critical data. However, as data stores scale, so do the number of cryptographic keys that must be managed. The graphic shows the process of discovering your cloud-based key management service.

Encryption

Encryption Marketing Accountability

There’s a New Salter on the Block!

Security Boulevard

JULY 26, 2023

I have joined the Salt senior leadership team as executive vice president of product. Given my background and security experience, the role immediately stood out to me. Security leaders worldwide are increasingly recognizing the importance of API security to protect their critical data and services.

Marketing

Marketing CISO Risk Engineering

How to Generate an SBOM in Veracode SCA

Veracode Security

APRIL 25, 2022

Emerging government regulations have driven the advancement of standards for securing software supply chains. The production of a Software Bill of Materials (SBOM) in a standard format is an increasing audit and compliance need for large organizations.

Software

Software Risk Government

Protecting Your Digital Identity: Celebrating Identity Management Day

Webroot

APRIL 3, 2024

Mark your calendars for April 9, 2024 The second Tuesday of April marks Identity Management Day — a day dedicated to raising awareness about the importance of safeguarding your digital identity. But what exactly is identity management, and why do we need a whole day for it? What is identity management?

VPN

VPN Passwords Scams Accountability

Managed Security Service – What It Is and Why Does Your Company Need It

Heimadal Security

APRIL 11, 2022

The unification revolution of cybersecurity solutions has started – and managed security service providers are leading the way. The post Managed Security Service – What It Is and Why Does Your Company Need It appeared first on Heimdal Security Blog. Here’s more on the various types […].

Technology

Technology Software Cybersecurity

Banyan Security Enables Zero Trust Developer Access on Oracle Cloud

Security Boulevard

JANUARY 7, 2022

Originally published by Robert Ronan, Oracle Principal Product Manager. What is zero trust access? As more organizations migrate infrastructure to the cloud and rethink software development and deployment, they are also modernizing their approach to security.

Software

What Is API Ownership and How Can It Help Your Team?

Security Boulevard

MARCH 6, 2022

A guide about API ownership for leadership, senior engineers, security experts, and product managers to make/work better together. The post What Is API Ownership and How Can It Help Your Team? appeared first on Traceable App & API Security. The post What Is API Ownership and How Can It Help Your Team?

Engineering

How CIOs Can Balance Boldness and Caution By Implementing DevOps Test Data Management

Security Boulevard

SEPTEMBER 2, 2022

How CIOs Can Balance Boldness and Caution By Implementing DevOps Test Data Management. With automated test data, companies can achieve fast, quality software releases, more seamless cloud adoption, and improved data security and privacy for meeting emerging compliance requirements. Today, security is every employee’s responsibility.

Data privacy

Data privacy Software Data breaches Risk

What Is Digital Asset Management (DAM) and Why You Need It

Heimadal Security

FEBRUARY 9, 2022

Organization is essential for any company that wants to keep productivity levels up and meet all the necessary compliance standards. Read on to find out how digital asset management can help you achieve all these goals! What Is Digital Asset Management?

Software

Attack Surface Management for the Adoption of SaaS

CyberSecurity Insiders

SEPTEMBER 20, 2022

By Alfredo Hickman, head of information security, Obsidian Security. Earlier this year, I had the opportunity to speak before a group of CISOs about the topic of attack surface management (ASM). Each of these SaaS applications differs widely from the next and poses a unique set of security capabilities and challenges.

Threat Detection

Threat Detection Risk Penetration Testing DNS

Managing Cybersecurity Risk in M&A

Cisco Security

SEPTEMBER 26, 2022

After completing the program in 2020, he spearheaded a grant from Cisco to fund research conducted by the university’s Center for Long-Term Cybersecurity, which included identifying best practices around cybersecurity risk and risk management in the M&A process, captured in this co-authored report. Risk Management and Formula One.

Risk

Risk Cybersecurity Technology InfoSec

Recent Tesla Hacks Highlight Importance of Protecting Connected Devices

eSecurity Planet

FEBRUARY 2, 2024

Make sure your security and IT teams are aware of every connected device so your business knows how to best protect its networks and sensitive data from vulnerabilities and threat actors. Security researchers who participated in the event found dozens of vulnerabilities over a 72-hour period.

Hacking

Hacking IoT Firmware Cybersecurity

SonicWall Issues Patch for Critical Bug Affecting its Analytics and GMS Products

The Hacker News

JULY 22, 2022

Network security company SonicWall on Friday rolled out fixes to mitigate a critical SQL injection (SQLi) vulnerability affecting its Analytics On-Prem and Global Management System (GMS) products. The vulnerability, tracked as CVE-2022-22280, is rated 9.4

Network Security

Introducing ThreatDown: A new chapter for Malwarebytes

Malwarebytes

NOVEMBER 7, 2023

It did what no other product could, find malware and remove every trace. But with the rapid increase of attack surfaces, security products have multiplied and become increasingly complex to deploy and manage. Importantly, we’ve also made security simpler. Malwarebytes turned out to be extremely popular.

Adware

Adware Social Engineering Malware Cybersecurity

Atlassian Announces Critical Jira Service Management Vulnerability

Security Boulevard

FEBRUARY 3, 2023

Atlassian announced a new critical vulnerability in Jira Service Management Server and Data Center, tracked as CVE-2023-22501. Here’s what you need to know. Who is Atlassian and what is Jira Service Management? Read More The post Atlassian Announces Critical Jira Service Management Vulnerability appeared first on Nuspire.

Best Practices Q&A: The importance of articulating how cybersecurity can be a business enabler

On the Cybersecurity Jobs Shortage

Webinars

Trending Sources

Juniper Support Portal Exposed Customer Device Info

Webinars

LW ROUNDTABLE: Cybersecurity takeaways of 2023 — and what’s ahead in 2024 ( part 3)

STEPS FORWARD Q&A: Will ‘proactive security’ engender a shift to risk-based network protection?

Weekly Update 305

GUEST ESSAY: Best practices to shrink the ever-present risk of Exchange Server getting corrupted

Best Practices Q&A: Guidance about what directors need to hear from CISOs — from a board member

FIRESIDE CHAT: Anchoring security on granular visibility, proactive management of all endpoints

Crickets from Chirp Systems in Smart Lock Key Leak

What Are the Top 10 MSP Challenges Today? (And Help Beating Them)

GUEST ESSAY: The Top 10 cybersecurity shortfalls that put SMBs, enterprises at elevated risk

MY TAKE: Is Satya Nadella’s ‘Secure Future Initiative’ a deja vu of ‘Trustworthy Computing?’

What is Kubernetes Governance?

SHARED INTEL: Poll shows companies pursuing ‘Digital Trust’ reap benefits as laggards fall behind

What is School Management System

Author Q&A: Here’s why the good guys must continually test the limitations of ‘EDR’

What To Look For in an Open Source Vulnerability Scanner

Making Products That Are Kinder Than Necessary: A Product Designer’s Career Path

Better Together: How Duo Care Helps You Get Directly Involved With Product

What Our Security Experts Discussed at AWS re:Invent 2023

This Free Solution Provides Essential Third-Party Risk Management for SaaS

What is Data Security Posture Management (DSPM)?

What Is Patch Management and Why Is It Important?

Luna HSMs FIPS 140-3 Validation

How to Protect Your Accounts with Multi-Factor Authentication

Systematically Bring to Light the Keys in Your Clouds

Why Technology Convergence is the Future of Cybersecurity

10 Reasons why businesses need mobile device management (MDM)

Systematically Bring to Light the Keys in Your Clouds

There’s a New Salter on the Block!

How to Generate an SBOM in Veracode SCA

Protecting Your Digital Identity: Celebrating Identity Management Day

Managed Security Service – What It Is and Why Does Your Company Need It

Banyan Security Enables Zero Trust Developer Access on Oracle Cloud

What Is API Ownership and How Can It Help Your Team?

How CIOs Can Balance Boldness and Caution By Implementing DevOps Test Data Management

What Is Digital Asset Management (DAM) and Why You Need It

Attack Surface Management for the Adoption of SaaS

Managing Cybersecurity Risk in M&A

Recent Tesla Hacks Highlight Importance of Protecting Connected Devices

SonicWall Issues Patch for Critical Bug Affecting its Analytics and GMS Products

Introducing ThreatDown: A new chapter for Malwarebytes

Atlassian Announces Critical Jira Service Management Vulnerability

Stay Connected