Take Time To Understand The Cyber Threat Landscape

Cybercrime is on the rise. The number of data breaches in 2017 was staggering and things are likely to get worse. Employee error, employee manipulation, hacking-as-a-service, and the gap between development and test make things even more challenging. Says Dr. Rao Papolu, it's time to take some time to assess the main threats to your cyber defenses.

GDPR Will Have A Big Impact On Small And Medium Business - Part 2

In Part One of our three-part series, we started with a basic overview of who GDPR applies to and the definition of personal data under GDPR. Here in Part Two we will discuss key elements such as consent and online data technologies, privacy notices and cross border transfers. Part Three will dive into understanding individual rights and the obligations of a data controller and data processor.

Bitcoin’s Fork And Its Security Implications – Part 2

In the previous article I reviewed the Segregated Witness (SegWit), a Bitcoin soft fork developed to scale Bitcoin by trimming transaction data that was stored in the block and segregating it in another structure, freeing up space for more transactions. I finished the article promising a follow-up article on SegWit2X, which was scheduled to be released in November 2017.

GDPR - Other Governments Will Follow The EU’s Example

We’re living in a new era of cyber-threats - and governments have started to take notice. To protect the information of their citizens, they’re implementing new regulations that hit businesses where it really hurts. Here’s what you need to know.

Spectre And Meltdown Vulnerabilities. Happy New Year!

Intel has confirmed findings by researchers (including from Google’s Project Zero) that the design of chips from Intel, AMD and ARM has – for more than a decade – permitted hackers to access memory on billions of business and consumer devices. So what, you ask? This is what.

Privilege Abuse. Who Is Doing What In Your Network?

Privileged accounts give users the ability to compromise an organization’s network, systems and data, but discovering such incidents can take months or years. Michael Fimin outlines the Top 5 threats that result from poor privilege account management and explains 3 ways organizations can mitigate risk of privilege abuse.

GDPR Will Have A Big Impact On Small And Medium Business - Part 1

GDPR is a complex regulation comprised of 99 articles. In this 3 part series, we’ll break down the components of GDPR starting with an overview of the regulation and why you need to start preparing now. Part 2 will discuss some of the key elements including obtaining valid consent, online data technologies, privacy notices and cross border transfer. Part 3 will dive deeper into understanding the obligations of a Data Controller and Data Processors, individual rights, and the 72 hour data breach notification requirement.

If You Thought 2017 Was Tough, Say Hello To 2018

2017 brought some of the most damaging cyber-attacks and volume driven data breaches the world has ever seen. Detailed profiles have been built on nearly every individual in the United States posing a threat to each consumer and organization. A wave of cyber crime is coming our way in 2018 like never seen before. How will you respond?

Online Coding Bootcamps Can Tip The Gender Balance In Tech

In October 2017, Bloc, one of the nation’s only fully online coding bootcamps, reached a new milestone. For the first time, a majority of Bloc’s newly enrolled students were women. Given recent events in the Silicon Valley and across the tech sector, the team at Bloc is proud to have tipped the gender balance in enrollment.

Must-Have Metrics for Vulnerability Management

In today’s world of rising threats and continuously increasing attacks, developing the right set of metrics for vulnerability management is necessary to keep up with the growth of potentially critical vulnerabilities. This article breaks down the seemingly complicated practice of inventorying organizational assets to understand what the most likely threats are and build the right metrics for vulnerability management.

Complying With GDPR Might Require Some Rescue Operation

Preparing for the GDPR leads to many questions for compliance teams, like, can we identify and monitor all websites collecting PII on behalf of our company? Are those collection points secure? Are they accompanied by compliance statements and controls? RiskIQ explores these potential issues and offers tips on how to address them.

​SOC-as-a-Service In The City of Sparks, To Protect ​The Protectors

This article came as the result of a discussion with Sean Martin regarding how Arctic Wolf's work with the City of Sparks impacts the police and its officers. It describes how the police officers do their job differently and how an increase in tech and cyber changes the way they view society and the way they live their lives.

The Truth Is That Threat Hunting Is More Art Than Science

Threat detection relies on signatures or the correlation of system events to identify indicators of compromise (IOCs). As such, it is primarily reactive and used to verify if a breach has occurred, and to assess the scope and spread of a threat. This article explains how proactive threat hunting can address this inherent weakness in threat detection by assuming a threat or threat actor has not been detected, yet may have targeted an organization.

Spotting Attackers Early Means Being More Protected

KRACK, as acronyms go, seemed an appropriate handle for last month’s WiFi security disclosure. After a quarter stuffed with bad security news, a new flaw in one of our most beloved technologies might have a few security pros on the verge of cracking. The showiest security disasters make news, but breaches happen every day to organizations of every type around the world. The attacker perpetrating the next big cybersecurity incident is probably already behind someone’s firewall. And while you should definitely patch your vulnerabilities and maybe even turn off your WiFi (ok, just kidding, no one’s going to turn off the WiFi), that’s not going to be enough. We need to change how we think about cybersecurity.

Cybersecurity And Privacy Risk Of Web Accessibility Features

Website accessibility technologies broaden the use of the devices and applications, giving individuals with disabilities the opportunity to experience the capabilities and benefits of the personal computing, the Internet, and all they have to offer. However, as with most things technical, security and privacy are often afterthoughts; the same prove true as accessibility features are used.

The Security Threat That Lies Ahead: Data Integrity

The Internet of Things (IoT) introduces a wealth of value as we look to make our digital lives more automated, streamlined, and easier. Unfortunately, with this value comes risk; risk that manifests itself not just in our personal lives, but in our professional business lives and in the industries and industrial settings that make it all possible. This article will cover the cybersecurity threats posed by data integrity in the era of IoT – particularly as it pertains to enterprise organizations and the industrial sector – and what organizations can do to mitigate the threats.

New SOC Strategies For Our Modern InfoSec Landscape

With the proliferation of attack types and the reality that threat actors are getting smarter, faster, and more efficient at compromising networks, today’s Security Operation Centers (SOC) must be more flexible and agile to detect and stop threats.

It’s Better To Bring Messaging Apps Out Of The Shadows

Organizations are implementing stricter mandates for what kind of platforms and mobile features employees can use on both personal and corporate-owned devices, prompting a dramatic increase in the rise of "shadow IT" like unauthorized messaging apps. By bringing messaging apps out of the shadows and into the mainstream, organizations can reduce the risk of both outside and inside threats to the enterprise.

A Selection Of Female Founders & CEOs In Cybersecurity

In honor of Women’s Entrepreneurship Day (November 19), we are highlighting some amazing female founders and CEOs in cybersecurity and tech. Get to know the women who have launched, grown and run these successful companies!

Admins and Privileged Accounts Are The Keys To The Kingdom

The fact is that the people behind the keyboards are your weakest endpoints and the apathy in recognizing that fact is the biggest security threat of organizations today. So, what do we do to address this risk?