The big news in critical infrastructure security is the ransomware-triggered shutdown of the Colonial gasoline pipeline – the largest such pipeline in the USA. The attack has been attributed to the DarkSide ransomware group. The group subsequentl…Read More What the pipeline attack means for critical infrastructures
Traditional employee risk mitigation efforts such as security awareness training and phishing simulations have a limited impact on improving employees’ real-world cybersecurity practices, according to Elevate Security and Cyentia Institute. The report …Read More Security awareness training doesn’t solve human risk
Many CISOs see themselves as Superman — soaring overhead, cape fluttering, and ready to swoop in and save the day at a moment’s notice if a crisis arises. There have been entire summits and award ceremonies based around the idea of CISOs as superheroes…Read More The best CISOs think like Batman, not Superman
Pentesting, also known as penetration testing, is a security assessment, an analysis, and progression of simulated attacks on an application (web, mobile, or API) or network to check its security posture. The objective is to penetrate the application o…Read More How modern workflows can benefit from pentesting
Several years ago, risk-based cybersecurity was a largely untested and hotly debated topic. But the tests have since been administered and the debate largely settled: risk-based cybersecurity produces proven results. The data shows that risk-based vuln…Read More Risk-based vulnerability management has produced demonstrable results
While there is not one exact industry wide definition, threat modeling can be summarized as a practice to proactively analyze the cyber security posture of a system or system of systems. Threat modeling can be conducted both in the design/development p…Read More What is threat modeling and why should you care?
Whilst employment has taken a downward curve over the last year or so, there are a variety of approaches I use when applying for a role to help my CV stand out. One key point is knowing what the job entails before submitting my cover letter and CV. Thi…Read More What in the World Is a CISO?
Information security researcher and author Tarah Wheeler talks with Microsoft’s Ann Johnson about the growing role of cybersecurity as a pillar of the business.
The post Afternoon Cyber Tea: Cybersecurity has become a pillar of the business appeared first on Microsoft Security. Read More Afternoon Cyber Tea: Cybersecurity has become a pillar of the business
Every organisation is on a mission to achieve agility; if 2020 taught us anything, it’s that the need to be flexible is essential in order to adapt and thrive in new and uncertain environments. The increased adoption of technology in all forms – from increa…Read More Flexibility and Security, You Can Have it All!
It’s time for Security Awareness to adapt by thinking Cyber. The transition to working from home, as well as the necessary technological change, has had an effect on businesses all over the world. This has serious consequences for cybersecurity. Curre…Read More Adapting Security Awareness to the Post-Pandemic World
What is the objective of implementing cybersecurity in a business? The answer might vary depending on whether you ask a security professional or a business executive. However, in any cybersecurity implementation, it’s very important to stay focused on …Read More Important Strategies for Aligning Security With Business Objectives
The COVID-19 pandemic has forced businesses across all industries to revise their working processes and requirements. From shifting overnight to a remote working model, furloughing staff and operating in a challenging economic climate, many businesses …Read More HR Strategies to Drive Cybersecurity Culture in the New Normal
The debate within business organizations of whether to use consumer devices or to invest in rugged devices for the operations side of their business is as old as personal computing itself. And with the pandemic having shown that endpoint management is …Read More Why enterprises need rugged devices with integrated endpoint management systems
On Feb 5th, 2021, a hacker gained remote access to a water treatment plant in Oldsmar, Florida, and was able to adjust the amount of sodium hydroxide in the water from 100 parts per million to 11,100. Thanks to the physical fail-safes and alarm systems…Read More U.S. municipalities are the perfect target for cybercriminals in 2021
After earning his master’s degree in computer science and working on the IT side of the business at a number of large financial services organizations, Bobby Balanchdran observed one interesting thing: the legal department in these organizations had be…Read More Chief Legal Officers face mounting compliance, privacy and cybersecurity obligations
Many organizations have maintained heavy investment in cybersecurity over the last year, even in an unpredictable time when other spending has faltered. Gartner estimates that IT security and risk management spending still grew 2.6 percent even as IT s…Read More Physical cyber threats: What do criminals leave when they break in?
A recent report predicts that home networks, remote working software and cloud systems will be at the center of a new wave of attacks in 2021. Cybercriminals in 2021 will particularly look to home networks as a critical launch pad to compromising corpo…Read More How do I select a network monitoring solution for my business?
The increasing importance of emotional intelligence and other skills required to work with different stakeholders are placing new demands on CISOs. However, it’s also creating opportunities for CISOs to become leaders of their organizations, according …Read More Emotional intelligence playing an increasingly important role for CISOs
What is CIEM? Among the many changes of 2020, Gartner added a new category: cloud infrastructure entitlement management (CIEM). While CIEM may sound similar to SIEM (security information and event management), the two security solutions are not the sam…Read More Why do enterprise SOC teams need CIEM now?
The most significant barrier to achieving DevSecOps is the continued perception that “Sec” is not already a part of “Dev” and “Ops”, says James Arlen, CISO at cloud data platform provider Aiven. Also, the fact this needs to be explicitly called out is …Read More Tips for boosting the “Sec” part of DevSecOps
The pandemic is exposing weaknesses in cybersecurity—learn why an integrated security solution can help combat emerging cyber threats.
The post Afternoon Cyber Tea: Evaluating individual and organizational cyber risk in a pandemic appeared first on Microsoft Security. Read More Afternoon Cyber Tea: Evaluating individual and organizational cyber risk in a pandemic
Roughly 12 months ago, when the world shifted seemingly overnight to work-from-home, few companies were well-positioned to seamlessly scale their remote work solutions. Legacy remote desktop solutions, like Virtual Desktop Infrastructure (VDI) and Desk…Read More Enable secure remote workspaces without trashing your entire IT infrastructure
Cybersecurity spending in critical infrastructure has been little impacted by the COVID-19 pandemic, save for some reshuffling on where that spend is most needed. The effect has been mostly in increased demand for secure remote connectivity. Most of th…Read More Cybersecurity spending for critical infrastructure to reach $105.99 billion in 2021
2020 was chock full of surprises and twists that no analyst could have predicted and came with a massive shift to remote working and tools that facilitate it. The good news is that managed service providers (MSPs) saw tremendous growth both due to the …Read More 5 cybersecurity trends MSPs must address in 2021
During the past year, business leaders have seen first-hand the benefits of adopting an everywhere enterprise model of working and are now carefully considering its role in the future of work. A study by Mercer revealed 94% of employers agreed that pro…Read More Protecting productivity within the disappearing perimeter
The corporate network perimeter has been completely redefined. Many IT leaders are adopting a Zero Trust security model where identities play a critical role in helping act as the foundation of their modern cybersecurity strategy. As a result, cybercriminals have shifted their focus and identities are increasingly under attack.
The post Why threat protection is critical to your Zero Trust security strategy appeared first on Microsoft Security. Read More Why threat protection is critical to your Zero Trust security strategy
Get insights on how cyber operatives manipulate social media users, and how you can protect yourself from social engineering and other cyber threats.
The post Afternoon Cyber Tea: Privacy, the pandemic, and protecting our cyber future appeared first on Microsoft Security. Read More Afternoon Cyber Tea: Privacy, the pandemic, and protecting our cyber future
The lessons we have learned during the past 12 months have demonstrated that the ability to respond to, and bounce back from adversity in general, can impact the short-and long-term success of any organization. It can even dictate the leaders and laggards in any industry.
The post Why operational resilience will be key in 2021, and how this impacts cybersecurity appeared first on Microsoft Security. Read More Why operational resilience will be key in 2021, and how this impacts cybersecurity
What are the Most Valued Cybersecurity Certifications in 2021? This is an important question for employers, recruiters, seasoned security professionals, and especially for those planning a cybersecurity career. The Information Security Careers Ne…Read More The Top Cybersecurity Certifications in 2021
Article by Dennis Okpara, Chief Security Architect & DPO at IDEE GmbH. Yes, there is hope for 2021, but the challenges of the “New Normal” are here to stay. CISOs have to prepare and start acting now, because cybersecurity and the IT-infrastruct…Read More Trends in IT-Security and IAM in 2021, the “New Normal” and beyond