Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

%term

If the Data Breach Doesn't Kill Your Business, the Fine Might

When you hear about a data breach in the news, it’s usually related to a major company or social media network that has been targeted. The erroneous conclusion would be that the hackers only focus on exploiting security flaws in large organizations, but the opposite is true.

Hackers aren't confined to cyberspace anymore

Like many things in life, hackers are victims (and I use the word loosely) of stereotyping. You won’t find much stock imagery depicting hackers that doesn’t involve a hoodie, a dimly-lit room and several monitors full of scrolling binary text. And whilst that’s definitely sometimes true, it also makes several assumptions about hackers in general, which is at best misleading and at worst leaves you wide open to attack.

Weekly Cyber Security News 29/03/2019

A selection of this week’s more interesting vulnerability disclosures and cyber security news. Some big news items this week, namely further details on the ransomware campaign claiming Norsk last week spreading to other targets. One bit of good news is that there appears to be a flaw in the code and a simple Windows Shortcut can stop it from working.

Turning Data into Metrics: A Vulnerability Management Story

One of the main issues I find across the information security industry is that we constantly need to justify our existence. Organizations have slowly realized they need to spend on IT to enable their businesses. Information security, on the other hand, is the team that is constantly preventing the business from freely doing as they please. IT is seen as a driver of success, and security can be, too. The security team just needs to learn how to enable the business.

Do You Know Your Numbers? No, Your Cyber Health Numbers!

Last year, as in years prior, was a year full of cyber-attacks. But what was interesting was the trend of small and medium businesses being targeted more often. Generally, those types of businesses have either rested in the false impression that they’re not a big enough target or didn’t have plentiful valuable information hackers are seeking. The reality is the opposite and the stakes couldn’t be higher.

Sponsored Post

EventSentry v4.0 - Introducing ADMonitor

Since Active Directory is the foundation of all Windows networks, monitoring Active Directory needs to be part of any comprehensive security strategy. Up to version 3.5, EventSentry utilized Windows auditing and the security event log to provide reports on: User Account Changes, Group Changes and Computer Account Changes.

Zero Trust Security: Supporting a CARTA approach with Continuous Monitoring

Learn how to support a continuous adaptive risk and trust assessment (CARTA) approach leveraging accurate Kubernetes flow logs. 5-tuple logging is commonly used to monitor and detect anomalies and produces unreliable data that cannot accurately identify anomalies nor prove enforcement of security policies.

Zero Trust Security: Supporting a CARTA approach with Anomaly Detection

Learn how Anomaly Detection supports, what Gartner has termed, a continuous adaptive risk and trust assessment (CARTA) when building a CaaS platform using Kubernetes. Anomaly Detection expands the zero trust network security model and continuously assess the application and network risk that enables adaptive policy adjustments.