%term

CMMC Audit: What is it and how to prepare for it

Aug 16, 2021 By Julia Danby In Ignyte

Business owners whose revenue streams depend significantly or partially on government contracts have been recently faced with the mandatory emerging regulations called Cybersecurity Maturity Model Certification, also known as CMMC. All organizations working with the Department of Defense (DoD) and Federal government as their prime or subcontractors must be audited against these requirements by a competent third-party CMMC auditor.

Read Post

Ignyte

Read more about CMMC Audit: What is it and how to prepare for it

Brain Break from Fal.Con for Public Sector: Wizard Spider Threat Intel Highlight

Aug 16, 2021 By CrowdStrike In CrowdStrike

Wizard Spider is a criminal group behind the core development and distribution of a sophisticated arsenal of criminal tools that allow them to run multiple different types of operations. This interview with Nina Padavil, Strategic Threat Advisor, CrowdStrike, and Robert Bruno, Commercial Illustrator, will highlight Wizard Spider’s targets, tactics and motivations. You don't have a malware problem, you have an adversary problem – stay ahead of the adversaries and learn more at the Adversary Universe.

View Video

CrowdStrike

Read more about Brain Break from Fal.Con for Public Sector: Wizard Spider Threat Intel Highlight

Privacy in Q2: In Like a Lion, Out Like a ... Lion

Aug 16, 2021 By Tripwire Guest Authors In Tripwire

For a while, privacy in Q2 was looking like it would follow the season’s idiomatic rule: in like a lion, out like a lamb. But it came roaring back in June with a new U.S. state law, EU adequacy decisions, a new EU data transfer mechanism, and more. As we look back over the second quarter of 2021, several important developments are worth noting.

Read Post

Tripwire

Read more about Privacy in Q2: In Like a Lion, Out Like a ... Lion

Canary Deployment: What you need to know

Aug 16, 2021 By Eleanor Bennett In logit.io

Canary deployment is a risk mitigation strategy for software releases. it allows applications developers to limit the damage caused by the release of faulty software updates and roll back such faulty updates quickly and safely without compromising the entire software assets.

Read Post

logit.io

Read more about Canary Deployment: What you need to know

Modern Security Ops with Zscaler and Sumo Logic

Aug 16, 2021 By Drew Horn In Sumo Logic

The move to modernize security operations to keep up with the proliferation of complex, highly ephemeral apps and infrastructure has become more daunting than ever with the added explosion of remote work and the resulting acceleration of lift-and-shift and hybrid-cloud initiatives.

Read Post

Sumo Logic

Read more about Modern Security Ops with Zscaler and Sumo Logic

What is the NYDFS Cybersecurity Regulation? (23 NYCRR 500)

Aug 16, 2021 By Abi Tyas Tunggal In UpGuard

The NYDFS Cybersecurity Regulation (23 NYCRR 500) is a set of regulations from the New York State Department of Financial Services (NYDFS) that places cybersecurity requirements on all Covered Entities (financial institutions and financial services companies). It includes 23 sections outlining requirements for developing and implementing an effective cybersecurity program, requiring Covered Entities to assess their cybersecurity risk and develop a plan to proactively address them.

Read Post

UpGuard

Read more about What is the NYDFS Cybersecurity Regulation? (23 NYCRR 500)

How to Block Websites - Web Filtering Software Tutorial (2021) | BrowseControl

Aug 16, 2021 By CurrentWare In CurrentWare

Need to restrict internet access in your network? In this tutorial, you will learn how to block websites and restrict employee internet use with a free trial of BrowseControl, CurrentWare’s web filtering software.

View Video

CurrentWare

Read more about How to Block Websites - Web Filtering Software Tutorial (2021) | BrowseControl

10 Best Practices to Prevent DDoS Attacks

Aug 16, 2021 By Kasey Hewitt In SecurityScorecard

2020 was the year of the DDoS attack. Distributed Denial of Service (DDoS) attacks spiked over the last year, driven by the pandemic and the fact that so many people were locked down, working from home, and using online services to get through the pandemic. According to a report from NETSCOUT, more than 10 million DDoS attacks were launched last year, targeting many of the remote and essential services people were using to make it through the lockdown.

Read Post

SecurityScorecard

Read more about 10 Best Practices to Prevent DDoS Attacks

Critical Unauthenticated SQL Injection Vulnerability Patched in WooCommerce

Aug 16, 2021 By Kroll In Kroll

On July 14, 2021, WooCommerce issued an emergency patch for a critical vulnerability allowing an unauthenticated attacker to access arbitrary data in an online store’s database. WooCommerce is one of the most popular e-commerce platforms in the world and is installed on over five million websites. Additionally, the WooCommerce Blocks feature plugin, which is installed on more than 200,000 sites, was affected by the vulnerability and was patched at the same time.

Read Post

Kroll

Read more about Critical Unauthenticated SQL Injection Vulnerability Patched in WooCommerce

What is SIEM?

Aug 16, 2021 By Axel Sukianto In UpGuard

In an age of big data and connected devices, security information and event management (SIEM) is one of the key priorities for businesses of all sizes. At a time when data is everywhere, and cyber threats are growing, security information and event management is more important than ever. This is where information management meets security as companies seek to manage their incident response, compliance requirements, security, and analytics.

Read Post