Cybercrime is on the rise. The number of data breaches in 2017 was staggering and things are likely to get worse. Employee error, employee manipulation, hacking-as-a-service, and the gap between development and test make things even more challenging. Says Dr. Rao Papolu, it's time to take some time to assess the main threats to your cyber defenses.
In Part One of our three-part series, we started with a basic overview of who GDPR applies to and the definition of personal data under GDPR. Here in Part Two we will discuss key elements such as consent and online data technologies, privacy notices and
In the previous article I reviewed the Segregated Witness (SegWit), a Bitcoin soft fork developed to scale Bitcoin by trimming transaction data that was stored in the block and segregating it in another structure, freeing up space for more transactions. I finished the article promising a follow-up article on SegWit2X, which was scheduled to be released in November 2017.
We’re living in a new era of cyber-threats - and governments have started to take notice. To protect the information of their citizens, they’re implementing new regulations that hit businesses where it really hurts. Here’s what you need to know.
Intel has confirmed findings by researchers (including from Google’s Project Zero) that the design of chips from Intel, AMD and ARM has – for more than a decade – permitted hackers to access memory on billions of business and consumer devices. So what, you ask? This is what.
Privileged accounts give users the ability to compromise an organization’s network, systems
GDPR is a complex regulation comprised of 99 articles. In this 3 part series, we’ll break down the components of GDPR starting with an overview of the regulation and why you need to start preparing now. Part 2 will discuss some of the key elements including obtaining valid consent, online data technologies, privacy notices and cross border transfer. Part 3 will dive deeper into understanding the obligations of a Data Controller and Data Processors, individual rights, and the 72 hour data breach notification requirement.
2017 brought some of the most damaging cyber-attacks and volume driven data breaches the world has ever seen. Detailed profiles have been built on nearly every individual in the United States posing a threat to each consumer and organization. A wave of cyber crime is coming our way in 2018 like never seen before. How will you respond?
In October 2017, Bloc, one of the nation’s only fully online coding
In today’s world of rising threats and continuously increasing attacks, developing the right set of metrics for vulnerability management is necessary to keep up with the growth of potentially critical vulnerabilities. This article breaks down the seemingly complicated practice of inventorying organizational assets to understand what the most likely threats are and build the right metrics for vulnerability management.
Preparing for the GDPR leads to many questions for compliance teams, like, can we identify and monitor all websites collecting PII on behalf of our company? Are those collection points secure? Are they accompanied by compliance statements and controls? RiskIQ explores these potential issues and offers tips on how to address them.
This article came as the result of a discussion with Sean Martin regarding how Arctic Wolf's work with the City of Sparks impacts the police and its officers. It describes how the police officers do their job differently and how an increase in tech and cyber changes the way they view society and the way they live their lives.
Threat detection relies on signatures or the correlation of system events to identify indicators of compromise (IOCs). As such, it is primarily reactive and used to verify if a breach has occurred, and to assess the scope and spread of a threat. This article explains how proactive threat hunting can address this inherent weakness in threat detection by assuming a threat or threat actor has not been detected, yet may have targeted an organization.
KRACK, as acronyms go, seemed an appropriate handle for last month’s WiFi security disclosure. After a quarter stuffed with bad security news, a new flaw in one of our most beloved technologies might have a few security pros on the verge of cracking. The showiest security disasters make news, but breaches happen every day to organizations of every type around the world. The attacker perpetrating the next big cybersecurity incident is probably already behind someone’s firewall. And while you should definitely patch your vulnerabilities and maybe even turn off your WiFi (ok, just kidding, no one’s going to turn off the WiFi), that’s not going to be enough. We need to change how we think about cybersecurity.
Website accessibility technologies broaden the use of the devices and applications, giving individuals with disabilities the opportunity to experience the capabilities and benefits of the personal computing, the Internet, and all they have to offer. However, as with most things technical, security and privacy are often afterthoughts; the same prove true as accessibility features are used.
The Internet of Things (IoT) introduces a wealth of value as we look to make our digital lives more automated, streamlined, and easier. Unfortunately, with this value comes risk; risk that manifests itself not just in our personal lives, but in our professional business lives and in the industries and industrial settings that make it all possible. This article will cover the cybersecurity threats posed by data integrity in the era of IoT – particularly as it pertains to enterprise organizations and the industrial sector – and what organizations can do to mitigate the threats.
With the proliferation of attack types and the reality that threat actors are getting smarter, faster, and more efficient at compromising networks, today’s Security Operation Centers (SOC) must be more flexible and agile to detect and stop threats.
Organizations are implementing stricter mandates for what kind of platforms and mobile features employees can use on both personal and corporate-owned devices, prompting a dramatic increase in the rise of "shadow IT" like unauthorized messaging apps. By bringing messaging apps out of the shadows and into the mainstream, organizations can reduce the risk of both outside and inside threats to the enterprise.
In honor of Women’s Entrepreneurship Day (November 19), we are highlighting some amazing female founders and CEOs in cybersecurity and tech. Get to know the women who have launched, grown and run these successful companies!
The fact is that the people behind the keyboards are your weakest endpoints and the apathy in recognizing that fact is the biggest security threat of organizations today. So, what do we do to address this risk?