Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

September 2020

Next generation firewall (NGFW) explained: What is a NGFW?

Traditional firewalls have been around for decades. But NGFWs, uninhibited by the same technology limits, take advantage of significant advancements in storage space, memory, and processing speeds. The feature set for NGFWs build upon traditional firewall features by including critical security functions like intrusion prevention, VPN, and anti-virus, and even encrypted web traffic inspection to help prevent packets containing malicious content from entering the network.

Zero Trust Architecture explained

With the increase in frequency, sophistication, and cost of cyberattacks, the global focus on cybersecurity is at an all-time high. However, the goalposts for those tasked with protecting businesses have shifted. Hackers have a growing number of ways they can compromise a business and are frequently looking to move laterally within an organization, using credentialed (and often elevated) access.

Stories from the SOC - Cloud and On-site Protection

One of the benefits of having your managed detection and response (MDR) service managed by AT&T Cybersecurity is the visibility into threats from a large number of customers of all sizes and across different industries. This allows the team to take what they learn from one customer and apply it to another. Our security operation center (SOC) analysts were able to use an OTX alarm and an AWS correlation rule to discover open ports on public facing servers for two different customers in 24 hours.

BYOD security explained: what is a BYOD policy?

Bring your own device (BYOD) describes the practice of using a personal device such as a smartphone or tablet to conduct business on an organization's network or with its data. Organizations constantly walk a tightrope with their BYOD policies to balance employee productivity and satisfaction against the effective management of cybersecurity risks.

What is mobile device management? MDM explained

Not too long ago, the desktop computer was the primary computing device for enterprise employees. With the rise of mobile endpoints like smartphones, laptops and tablets, employees are connecting to corporate networks from a wide variety of places and devices. Today, especially with the popularity of the WFH (work from home) model, managing the multitude of mobile devices is more complicated than ever before. The statistics tell a sobering tale.

IDC MarketScape Names AT&T a Leader in Worldwide Managed Security Services

IDC recently published the IDC MarketScape: Worldwide Managed Security Services 2020 Vendor Assessment, in which primary author Martha Vazquez and team studied 17 organizations that offer MSS globally. The report provides a comprehensive look at the top MSSP vendors, including AT&T Cybersecurity, and how managed security services are evolving to meet the needs of customers today.

Security awareness training explained

Cyberattacks are an almost daily occurrence for many IT and security professionals, and there are a host of different security solutions in the marketplace today that look to help companies detect and prevent those attacks. However, despite all the technology organizations have in place, their users remain their weakest link. Phishing is still one of the top initial attack vectors. Why?

Why misconfigurations are such an issue in your containers and Kubernetes

Organizations are increasingly incorporating containers and Kubernetes into their IT infrastructure. As reported by ZDNet, Flexera’s “2020 State of the Cloud Report” found that about two-thirds (65%) of organizations were using Docker and that another 14% intended to begin using it at some point. Slightly fewer organizations (58%) were using Kubernetes at the time of the survey, by comparison, with 22% of participants saying they planned to adopt it.

Cyber safety tips for virtual events

Since the start of the Covid-19 pandemic, the use of video chat software like Zoom has increased to 300 million meetings held per day. Unfortunately, hackers have taken to crashing private meetings and flooding them with objectionable content — a phenomenon known as Zoombombing. If you’re planning a virtual event, it’s important to pay attention to potential security issues and follow safety tips to keep the experience as safe and secure as possible for everyone involved.

What is DDoS mitigation and how does it work?

Distributed denial of service (DDoS) attacks are a favorite method for attackers to disrupt or debilitate firewalls, online services, and websites by overwhelming systems with malicious traffic or transaction requests. DDoS attackers accomplish this by coordinating an army of compromised machines, or 'bots', into a network of devices they control from a remote location that focus a stream of activity toward a single target.

Dark Web monitoring and scanning explained

Shady deals often occur in darkness – criminal activities require secrecy to cloak their illicit nature. Today, you can find those dark places on the fringes of the internet, known as the Dark Web. More often than not, this is the place where cybercriminals go to monetize the data they’ve acquired as the result of a breach.

Preparing for Zero Trust and planning your strategy

I listened in on a neat webcast recently, which was jointly produced by AT&T Cybersecurity and Palo Alto Networks: “Preparing for Zero Trust and Planning your Strategy.” Panelists were John Kindervag, Field CTO, Palo Alto Networks, Steve Sekiguchi, Director, AT&T Chief Security Office, Bindu Sundaresan, Director, AT&T Cybersecurity and Tawnya Lancaster, Lead Product Marketing, AT&T Cybersecurity.

Inside the Infographic: "Cybersecurity by the Numbers"

The ongoing cybercrime epidemic has triggered a cybersecurity calls to arms, as organizations around the world are looking for some 3.5 million skilled workers to help fight a $6 trillion problem. One of the cool features of the University of San Diego’s comprehensive new Cybersecurity Jobs Report is a shareable graphic that spotlights the cybercrime epidemic, the ongoing shortage of skilled cybersecurity professionals and the need for talent at the top companies across all industries.

Firewalls explained: the different firewall types and technologies

Finding the right network security tools to secure your sensitive data can be a significant challenge for any organization. Choosing a firewall may seem like a simple task, but companies can get overwhelmed by the different firewall types and options. Making the distinction between a firewall and other security solutions can also pose challenges. Here are the answers to some of the most common firewall questions.

What is Incident Response?

As new types of security incidents are discovered, it is absolutely critical for an organization to respond quickly and effectively when an attack occurs. When both personal and business data are at risk of being compromised, the ability to detect and respond to advanced threats before they impact your business is of the utmost importance.

What you need to know about securing your APAC business and the recent data law changes

Data breaches are growing in frequency and intensity amidst the recent Coronavirus pandemic, having increased by nearly 273% in the first quarter compared to the same time frame last year. In fact, 2020 may very well be remembered as the year when cybersecurity became a business problem rather than a technology issue. The driving factor here is the recent shift in workforce culture. More and more organizations are now setting up remote working teams.

How Covid-19 has increased vulnerabilities in Industrial Control Systems

By now, most are aware that the Covid-19 pandemic has led to a spike in cyberattacks. This sharp increase in malicious activity related to COVID has taken the typical form of adversaries seeking to benefit financially, gain unauthorized access to networks for immediate and long-term strategic benefit, and spread misinformation with political agendas.

Red Team testing explained: what is Red Teaming?

In the world of cybersecurity preparedness, there are a variety of strategies organizations large and small can take to help protect their networks and data from cyber-attacks. One such strategy involves an organization testing its own environment for security vulnerabilities. But because security weaknesses come in different forms, it’s necessary to have a focused security team that comprehensively searches for vulnerabilities that go beyond simple risk assessments.

Cloud-based SIEM explained

Security information and event management (SIEM) solutions offer businesses the ability to collect, store, and analyze security information from across their organization and alert IT admins/security teams to potential attacks. In today’s complex digital environments, SIEMs allow IT teams to more effectively detect and respond to a wide range of threats across broad networks.

PCI DSS logging requirements explained

As a consumer, I feel more confident about using my credit card online and in brick-and-mortar stores when I know retailers are being careful about PCI DSS compliance. Breached financial credentials can wreak havoc not only on the lives of consumers, but also on the well-being of merchant businesses. I think the PCI DSS is an excellent example of how security standards can be improved when organizations cooperate and collaborate.