A few years ago, a news story about a man who was being paid six figures to watch cat videos went viral. Unfortunately, his company didn’t realize that this is what they were paying him to do all day. How did this happen? The employee, whom we’ll refer to as “John,” worked for a company in the US and was getting paid six figures as a developer.
Many security breaches take place when attackers gain access to Internet-facing applications by using compromised credentials. As an added layer of security against leaked credentials, organizations have been implementing multi-factor authentication (MFA) mechanisms to verify the identity of users connecting to critical online assets.
In information warfare, the need to develop SIEM architecture has become a crucial factor due to the existence of ever-growing cyber threats and their creators – cyber pests. The SIEM (Security Information and Event Management) presents a broad range of products or services for the purpose of managing security information and security events simultaneously.
What I’ve found throughout the years is that the only constant in life is the fact that everything changes and changes frequently. I can’t even get a consistent scenery on my way to work longer than a couple of weeks before something is different! At the same time, the world of technology is in constant flux whether it’s new technology or updates to automated tools that interact with all sorts of servers or services running throughout an environment.
There are many things within Information security that pundits have been claiming are dead, or should be killed by fire - passwords are usually found at the centre of such debates. But this isn’t a post about passwords, it’s a post about honesty, and trust. But let’s first take a look at the other side of the coin.
PCI DSS, or the Payment Card Industry Data Security Standard, is the set of regulatory requirements all organizations who process card payments must adhere to. Sounds simple enough, right? But PCI compliance can pose a major challenge to organizations if they’re not equipped with the proper knowledge and tools.
Senate Bill 1121, more commonly known as the California Consumer Privacy Act (CCPA) was passed on September 23, 2018, and becomes effective on January 1, 2020. Already being compared to the European Union’s General Data Protection Regulation (GDPR), the new law focuses on privacy rights and encompasses both consumer protection and data protection. Thus, organizations need to know how to secure and protect information to meet the CCPA’s regulatory requirements.
A lot could happen within 100 days. One could start a new company, travel around the world or train for a marathon. One hundred days is also around the average time that attackers spend frolicking around compromised networks before being detected. For countries in Europe, Middle East, and Africa the number goes up to 175, or almost half of a year. To make matters worse, the longer a breach remains undetected the more expensive it becomes.
