The National Institute of Standards and Technology (NIST), a physical sciences laboratory and a non-regulatory agency of the United States Department of Commerce, recently released their guidelines for password security. Some of them are contrary to what we’ve come to believe are good password policies. Our IT security expert will talk more about these guidelines in our upcoming webinar. Let’s take a look at what some of them are.

Whether you're a CISO, Vice President or individual contributor, you understand that information technology has changed how we do business, for better and for worse. Technology has brought speed, scale, and better customer experience to all aspects of commerce and communication, but it has also increased cybersecurity risk, particularly data breaches, cyber attacks, and other cyber threats.

The evolution of the cyber threat landscape highlights the emerging need for organizations to strengthen their ability to identify, analyze, and evaluate cyber risks before they evolve into security incidents. Although the terms “patch management” and “vulnerability management” are used as if they are interchangeable, this is not the case. Most are confused because applying patches is one of the many tools that’s available in our arsenal for mitigating cyber risks.

When a network contains an excess of redundant, obsolete and trivial (ROT) data, productivity and desired outcomes can take a hit. The good news is that organizations can significantly reduce the impact of ROT data when they plan properly and invest in the right tools.

As a technique used for keeping sensitive information safe, asymmetric encryption is a popular one. Read our article and learn more about what asymmetric encryption is and how it can be useful for your organization.

The world is currently gripped by the spread of Covid-19, more commonly referred to as coronavirus, and unsurprisingly, cybercriminals are making the most of the situation and public uncertainty through phishing scams. There are many different examples of Covid-19 phishing scams in active circulation. Some purport to share the latest guidance, others encourage people to apply for a tax rebate, and yet more ask for donations towards medical efforts. Some even claim to provide a magical cure.

The evolution of Security Information and Event Management (SIEM) is deeply intertwined with cloud computing, both in terms of technological breakthroughs the cloud provided and from its inherent security challenges. With the rise of cloud computing, we no longer rely on long-lived resources. An ephemeral infrastructure obscures the identity of the components and, even if you do have the visibility it doesn’t necessarily mean you can comprehend the meaning behind the components.

Security, whether focused on physical, cyber, operational, or other domains, is an interesting topic that lends itself to considerable debate among practitioners. There are, however, basic concepts and underpinnings that pervade general security theory. One of the most important, yet often misunderstood concepts are those inextricably entwined concepts of vulnerabilities and exploits. These basic underpinnings are critical in all security domains.

Many organisations are acting to prevent the spread of Coronavirus by allowing their employees to work from home. In order to be able to do so comfortably, and without introducing a component of risk, businesses should follow certain best practices that can guarantee their digital assets are just as secure with a remote workforce as they would be in-house. Unfortunately, cybercriminals have already started to take advantage of this pandemic.

Sysdig is working with VMware to deliver enhanced microservice and cloud security. Leveraging the container runtime security capabilities of Sysdig Secure along with the operations and security policies of VMware Tanzu Service Mesh, built on VMware NSX, customers will be better able to accelerate Kubernetes and cloud adoption, as well as application modernization.