Cybercrime is costing UK businesses billions each and every year. Small businesses in particular are under threat, as they often take a more relaxed approach and a ‘not much to steal’ mindset. However, this lack of diligence has caused many companies to close permanently. Let’s ensure yours isn’t one of them. Time to start making the issue a priority! Here are some practical security recommendations for you and your business.
What camp are you in? In the camp that believes in air-gaps, or the other set that says they truly do not exist? Air-gap networks are networks that are physically and logically isolated from other networks where communication between these networks is not physically or logically possible.
With more business applications moving to the cloud, the ability to assess network behavior has changed from a primarily systems administration function to a daily security operations concern. And whilst sec-ops teams are already familiar with firewall and network device log tools, these can be of limited used in a “cloud first” business where much of the good traffic that occurs is hard to distinguish from potentially risky traffic.
The purpose of this series of blogs is to guide you on your journey up the Vulnerability Management Mountain (VMM). Like climbing a mountain, there is a lot of planning and work required, but when you get to the top, the view is amazing and well worth the journey. Your progress will depend on your funding and priorities, but climbing at a quick steady pace will help secure your environment.
HTTP Response Splitting is a type of attack that occurs when an attacker can manipulate the response headers that will be interpreted by the client. This article goes into details on how this can be abused by an attacker to insert arbitrary headers and the impact of this type of attack.
A selection of this week’s more interesting vulnerability disclosures and cyber security news. Privacy is understandably a concern for all, and for those that are not that bothered and opt-in to give it away, I’m sure they assume it is for monitoring of their activities online. However, in this enterprising case, it appears to go beyond the virtual to physical and not where you would suspect…
Undoubtedly, log management is the heart of any SIEM solution. The more access to logs your SIEM has the better it will be able to perform. Logs help in identifying who attacked your organization and how these malicious actors penetrate your corporate network. By logging all the vital information related to network devices and other critical systems, you will be able to get a deeper insight into your organization’s cybersecurity posture.
Every week, the AT&T Chief Security Office produces a set of videos with helpful information and news commentary for InfoSec practitioners and researchers. I really enjoy them, and you can subscribe to the Youtube channel to stay updated. This is a transcript of a recent feature on ThreatTraq. Watch the video here.
AT&T Cybersecurity had a big presence at Infosecurity Europe 2019 in London, June 4-6. Our theme was unifying security management with people, process and technologies. While the industry is generally moving in the right direction, IT teams still struggle with being overwhelmed on the technology side, not knowing where to begin on the process side, and finding (or being able to afford) people with the right security skill sets.
In the new report, “Analytics is making its security operations mark ahead of schedule,” analyst firm 451 Research details the accelerating transition happening in the security information and event management (SIEM) space. The report underscores how new cloud-native analytics solutions are displacing traditional SIEMs at the heart of the defense.
