A CISO’s Guide to Principles of Data Privacy and Security by David Sheidlower, currently CISO for an international media and advertising firm, examines the key issues surrounding data privacy and security. In this Security Current ebook, David Sheidlower provides his perspective on topics, which include privacy policies, big data, consent, governance, and security. According to…Details
A CISO’s Guide to Phishing and Malware examines real-world examples of advanced targeted attacks via email and social media to show how these evolving threats are increading an organization’s business risks. Cybercrime is very much a B2B affair with surging returns on investment. From a business perspective, there is always a number associated with a breach. For…Details
Adversaries have patience and expect to persevere over any and all obstacles that stand in front of them. Their toolkit is not limited and if at first they don’t succeed they’ll try again until they complete their mission. The enterprise’s challenge: find and disrupt them before they fulfill their mission and prepare for the next…Details
It’s no secret, password secrets haven’t held up for quite some time against attacks targeting consumers and enterprise organizations. Breach after breach, credential compromise seems to be the path of least resistance. Why bother attempting to exploit a remote server against an unknown or even known vulnerability, when phishing a human will do just fine?…Details
As the world becomes more connected, it is no longer enough for enterprises to react once an alert indicates an attacker is on the network. What if security teams seek out the attacker as opposed to waiting for them to slip up and trip an alert? With motivated attackers penetrating successfully, security leaders are creating internal…Details
Agencies grant access privileges easily and out of necessity, but they struggle to manage these privileges as employees move throughout divisions. Revoking unnecessary access tends to be forgotten and the process of recertification of access privileges is error-prone, time consuming, or worse, forgotten. “Insider and privilege misuse” was identified by the 2014 Verizon Data Breach…Details
Organizations are adopting virtualization and cloud technologies as a foundation for their strategic business growth. Whether they deploy private cloud, public cloud or hybrid architectures, this is where IT investments are going today and in the years ahead. The bulk of new IT spending by 2016 will be for cloud computing platforms and applications, with nearly half of large…Details
Today’s Internet threat space is very dynamic. Globally there are thousands of malevolent actors disseminating hundreds of millions of threats each day.
Companies that are unprepared for these threats can suffer serious repercussions. The National Cyber Security Alliance has reported that roughly 60% of those companies go out of business within six months of a loss of data due to a security breach.Details
Once cyber attackers gain a foothold in a victim’s network they move quickly to entrench themselves in vulnerable systems throughout the network.
The cost of remediation once an attack proliferates increases exponentially, and it is compounded by the difficulty of knowing whether the attack actually is contained. Preventing that initial compromise is critical.Details