The CMMC enforcement model will require a significant adjustment to the way contractors conduct government business – from procurement to execution. In Part 2 of this series, I discussed the possible impacts of having your company’s security rating made public. In Part 3, I would like to discuss the impact of having one unified standard for cybersecurity on a company’s compliance practices.

As a regular reader of Tripwire, you are aware that October is National Cyber Security Awareness Month. Way back in 2015, when the world was an entirely different place, I contributed an article that offered some tips for protecting yourself. Since that article, other scams have taken a front seat towards compromising our security. They are not new, but they seem to be the new “flavor of the day.”

As a society we have always relied on personal identifiers, commonly known as personally identifiable information (PII). Defining and protecting PII has recently become much more important as a component of personal privacy now that advances in computing and communications technology, including the internet, has made it easier to collect and process vast amounts of information.

Virtually every organization is a victim of cybercrime today. As the threat landscape evolves and proliferates, it’s necessary to prioritize the protection of data, customers’ privacy and brand reputation. Security directors must be prepared and equipped with the necessary tools to detect security events and address them accordingly at all times.

The U.S. Senate passed a new law requiring the federal government to provide more support for organizations hit by ransomware. The DHS Cyber Hunt and Incident Response Teams Act will require the Department of Homeland Security to put together dedicated teams whose goal is to provide advice to organizations on how to protect their systems. This group will also be responsible for providing technical support and incident response assistance.

Information security covers a wide area of various practices and techniques. In this article, we will take a closer look at the main components of this field.

We at The State of Security are committed to helping aspiring information security professionals reach their full potential. Towards that end, we compiled a list of the top 10 highest paying jobs in the industry. We even highlighted the U.S. cities that tend to reward security personnel with the best salaries, amenities and other benefits. Knowing which job title you’d like and where you’d like to live goes a long way towards advancing one’s infosec career.

Healthcare continues to see staggering growth in breaches to patient health information. In the first half of 2019 alone, 32 million health records were breached, compared to 15 million records in the entire year of 2018. However, this trend of growing cyber breaches in healthcare is likely to persist due to the following characteristics of the healthcare industry...

If you are involved in the cyber security processes, you must have heard of the term threat hunting. In this article, we discussed this rather popular concept in detail. Being one of the buzzing concepts of cyber security, threat hunting has been increasingly popular, but what does it refer to? Do you need it? Should you be doing it? We will answer all these questions in detail.

Phishing is a cyber attack that gathers sensitive information like login credentials, credit card numbers, bank account numbers or other financial information by masquerading as a legitimate site. Personal information like social security numbers, phone numbers and social media account information are also common targets for cybercriminals who perform identity theft. Phishing scams trick victims by using social engineering to create a sense of urgency.