March 2021

If you’ve landed on this page because you saw a strange message on a completely different website then followed a link to here, drop a note to the site owner and let them know what happened. If, on the other hand, you’re on this page because you’re interested in reading

Read More I Now Own the Coinhive Domain. Here’s How I’m Fighting Cryptojacking and Doing Good Things with Content Security Policies.

Information security continuous monitoring (ISCM) programs provide an understanding of risk tolerance and help officials set priorities and consistently manage information security risk throughout the organization. NISTIR 8212, An Information Security …

Read More NIST Releases an Example Implementation Tool for NISTIR 8212: An Information Security Continuous Monitoring Program Assessment

Modern technology is becoming one of the best ways to make businesses operate more efficiently. The demand for cyber security management has skyrocketed and that is a concept that a lot of people are not even familiar with. This guide is going to take an in-depth look at cyber security management and help you to […]

The post What Do You Need to Know About Cyber Security Management? appeared first on CyberDB.

Read More What Do You Need to Know About Cyber Security Management?

“I solemnly swear to back up my important documents and precious memories on March 31st.” Are you taking the pledge this World Backup Day? Now in its tenth year, World Backup Day remains one of our favorite reminders of the risks of not backing up the data we hold dear. According to the World Backup […]

The post This World Backup Day, Our Customers Do the Talking appeared first on Webroot Blog.

Read More This World Backup Day, Our Customers Do the Talking

The past 12 months have been especially challenging for the manufacturing industry. The pandemic affected in-person manufacturing jobs as well as supply and demand, causing many manufacturing companies to shut their doors or lay off valuable employees….

Read More Manufacturing Has the Lowest Percentage of High-Severity Flaws but Needs to Improve Time to Remediation

Last year’s SolarWinds attack and its aftermath have provided numerous lessons concerning the dangers of IT supply chain attacks. Not all apply to every small and medium-sized business—most are unlikely to be targeted by highly trained state-backed hackers with virtually limitless funding—but some will be. We learned, for instance, that even IT pros could use […]

The post A Defense-in-Depth Approach Could Stop the Next Big Hack in its Tracks appeared first on Webroot Blog.

Read More A Defense-in-Depth Approach Could Stop the Next Big Hack in its Tracks

When you bump into someone in the workplace or at your local coffee shop, you might call that an “encounter.” That’s the scientific term for it, too. As part of urgent efforts to fight COVID-19, a science is rapidly developing for measuring the number …

Read More NIST Develops Privacy-Preserving ‘Encounter Metrics’ That Could Help Slow Down Future Pandemics 

Numerous companies experienced security breaches throughout the years, exposing their private data to cybercriminals. What some people don’t know is that most of these attacks had printers as their primary targets. Considering that even high-profile companies are at risk, prioritizing printer security would help you reduce your chances of getting hacked and compromising your company data. […]

The post Could Your Printer Be a Security Risk to Your Data? Here’s What You Should Know appeared first on CyberDB.

Read More Could Your Printer Be a Security Risk to Your Data? Here’s What You Should Know

This 🤬🤬🤬 DAC! I mean it’s a lovely device, but it’s just impossible to use it as an audio source in the browser without it killing the camera. I’m very close to being out of ideas right now, only remaining thing I can think of is to set everything up on

Read More Weekly Update 236

Cyber Essentials is one of the most cost-effective ways of bolstering your organisation’s information security. The UK government-backed scheme is designed to help organisations address common weaknesses without having to spend a fortune overhauling their cyber security practices. In this blog, we explain the costs involved in Cyber Essentials certification, including consultancy fees, renewal and advancing to Cyber Essentials Plus. The cost of Cyber Essentials IASME, the certification body that oversees Cyber Essentials certification, charges £300 plus VAT for an assessment. However, organisations must also factor in the costs of preparing for the assessment and aligning their practices with the

The post How Much Does Cyber Essentials Cost in 2021? appeared first on IT Governance UK Blog.

Read More How Much Does Cyber Essentials Cost in 2021?

If your critical systems, website or customer data were suddenly inaccessible due to a cyberattack, how soon would you be able to get back up and running? That’s a question that should be on every business leader’s mind. We’ve written before about cyber resilience and why it’s so important, but in today’s increasingly disruptive threat […]

The post Why MSPs Need to Shift from Cybersecurity to Cyber Resilience appeared first on Webroot Blog.

Read More Why MSPs Need to Shift from Cybersecurity to Cyber Resilience

If you’re a small business owner, cyber security might seem impossibly complicated and filled with endless pitfalls. There’s indeed a lot at stake – with ineffective security measures potentially threatening your productivity, your bank accounts, and your employees’ and third parties’ personal data. But fortunately, the path to effective security needn’t be difficult. In this blog, we explain what you need to know about cyber security for small businesses. Why cyber security presents unique risks for SMEs The difficulties that small businesses face when addressing cyber risks can be separated into financial costs of the incident itself and the costs involved

The post Small business cyber security: the ultimate guide appeared first on IT Governance UK Blog.

Read More Small business cyber security: the ultimate guide

Documentation is a crucial part of any ISO 27001 implementation project, and one of the most important documents you need to complete is the SoA (Statement of Applicability). In this blog, we explain what an SoA is, why it’s important and how to produce one. What is a Statement of Applicability? An SoA summarises your organisation’s position on each of the 114 information security controls outlined in Annex A of ISO 27001. Clause 6.1.3 of the Standard states an SoA must: Identify which controls an organisation has selected to tackle identified risks; Explain why these have been selected; State whether

The post The importance of the Statement of Applicability in ISO 27001 – with template appeared first on IT Governance UK Blog.

Read More The importance of the Statement of Applicability in ISO 27001 – with template

According to recent reports, cyberattacks are occurring every 39 seconds in the US. Sounds impressive, doesn’t it? What’s more, one attack can harm millions of people. For example, when Atlanta was attacked using ransomware called SamSam, the city was offline for five days, which halted several significant citywide operations. As a result, the amount of […]

The post Cybersecurity Tips for Students at Home and in School 2021 appeared first on CyberDB.

Read More Cybersecurity Tips for Students at Home and in School 2021

A slow start this week as the camera refused to be recognised by any browser. The problem, of course, was that I’d plugged in a new DAC for the replacement speakers 🤷‍♂️ Despite the slow start, there’s a heap in this week’s update on all sorts of different things as I

Read More Weekly Update 235

There has been more than enough to worry about for the small business owner in the last 12 months. The checklist of things that have changed overnight probably covers every aspect of their business, foremost amongst them possibly that their entire workforce could now be working remotely. While getting a company through the last 12 […]

The post Why cybersecurity is one of the things your business cannot afford to take lightly appeared first on CyberDB.

Read More Why cybersecurity is one of the things your business cannot afford to take lightly

As you start your ISO 27001 implementation project, you probably want to know as much as possible. Some people attend training courses to pick up the knowledge of ISO 27001, and others go one step further, hiring an ISO 27001 consultant to guide them through the process. Those are both excellent options for those with the time and budget, but what if you’re looking for a less expensive approach? In those cases, you can never underestimate the influence of a book. Indeed, most information security professionals begin their journeys by picking up a book or two on ISO 27001, because

The post 3 must-read books on ISO 27001 appeared first on IT Governance UK Blog.

Read More 3 must-read books on ISO 27001

After several months (actually 15) from the Cybersecurity Observatory launch (you can find it HERE) I experienced a huge increment of classified Malware from the end of January 2021. The following picture shows how the average samples frequency is just more than twice if compared to the beginning of the month and to the past […]

Read More Malware Family Surface 2021 (Q1)