Shadow IT: The Invisible Network

The term “shadow IT” is used in information security circles to describe the “invisible network” that user applications create within your network infrastructure. Some of these applications are helpful and breed more efficiency while others are an unwanted workplace distraction. However, all bypass your local IT security, governance and compliance mechanisms. The development of application policies and monitoring technology have lagged far behind in comparison to the use of cloud-based…

November 14, 2017
Read More >>

4 Questions Businesses Must Ask Before Moving Identity into the Cloud

The cloud has transformed the way we work and it will continue to do so for the foreseeable future. While the cloud provides a lot of convenience for employees and benefits for companies in terms of cost savings, speed to value and simplicity, it also brings new challenges for businesses. When coupled with the fact that Gartner predicts 90 percent of enterprises will be managing hybrid IT infrastructures encompassing both…

November 8, 2017
Read More >>

Artificial Intelligence: A New Hope to Stop Multi-Stage Spear-Phishing Attacks

Cybercriminals are notorious for conducting attacks that are widespread, hitting as many people as possible, and taking advantage of the unsuspecting. Practically everyone has received emails from a Nigerian prince, foreign banker, or dying widow offering a ridiculous amount of money in return for something from you. There are countless creative examples of phishing, even health drugs promising the fountain of youth or skyrocketing your love life in return for…

November 7, 2017
Read More >>

Category #1 cyberattack: are critical infrastructures exposed?

Critical national infrastructures are the vital systems and assets pertaining to a nation’s security, economy and welfare. They provide light for our homes; the water in our taps; a means of transportation to and from work; and the communication systems to power our modern lives. The loss or incapacity of such necessary assets upon which our daily lives depend would have a truly debilitating impact on a nation’s health and…

November 7, 2017
Read More >>

Category #1 Cyberattacks: Are Critical Infrastructures Exposed?

Critical national infrastructures are the vital systems and assets pertaining to a nation’s security, economy and welfare. They provide light for our homes; the water in our taps; a means of transportation to and from work; and the communication systems to power our modern lives. The loss or incapacity of such necessary assets upon which our daily lives depend would have a truly debilitating impact on a nation’s health and…

November 7, 2017
Read More >>

The Evolution from Waterfall to DevOps to DevSecOps and Continuous Security

Software development started with the Waterfall model, proposed in 1956, where the process was pre-planned, set in stone, with a phase for every step. Everything was predictably…sluggish. Every organization involved in developing web applications was siloed, and had its own priorities and processes. A common situation involved development teams with their own timelines, but quality assurance teams had to test another app, and operations hadn’t been notified in time to…

November 3, 2017
Read More >>

From the Medicine Cabinet to the Data Center – Snooping Is Still Snooping

We’ve all done it in one form or another. You go to a friend’s house for a party and you have to use the restroom. While you are there, you look behind the mirror or open the cabinet in hopes of finding out some detail — something juicy — about your friend. What exactly are you looking for? And why? Are you feeding into some insecurity? You don’t really know,…

November 3, 2017
Read More >>

Healthcare Orgs in the Crosshairs: Ransomware Takes Aim

Criminals are using ransomware to extort big money from organizations of all sizes in all industries. But healthcare organizations are especially attractive targets. Healthcare organizations are entrusted with the most personal, intimate information that people have – not just their financial data, but their very private health and treatment histories. Attackers perceive healthcare IT security to be the least effective and outdated in comparison with other industries. They also know that healthcare…

November 3, 2017
Read More >>

Thinking Outside the Suite: Adding Anti-Evasive Strategies to Endpoint Security

Despite ever-increasing investments in information security, endpoints are still the most vulnerable part of an organization’s technology infrastructure. In a 2016 report with Rapid7, IDC estimates that 70% of attacks start from the endpoint. Sophisticated ransomware exploded into a global epidemic this year, and other forms of malware exploits, including mobile malware and malvertising are also on the rise.   The only logical conclusion is that existing approaches to endpoint security…

November 3, 2017
Read More >>

Managing Cyber Security in Today’s Ever-Changing World

When it comes to victims of recent cyber-attacks, their misfortune raises a few critical questions: Is anything really safe?  Do the security recommendations of experts actually matter?  Or do we wait for our turn to be victimized, possibly by an attack so enormous that it shuts down the entire data-driven infrastructure at the heart of our lives today? As the Executive Director of the Information Security Forum (ISF), an organization dedicated…

October 26, 2017
Read More >>