Author Archives: Tripwire Guest Authors

Establishing Information Security in Project Management

A person recently asked me if it was possible to implement ISO 27001 using a specific project management software product. They used the tool in the past to define project plans and make project reviews. While I told them this is entirely possible, the truth is one can implement ISO 27001 even without a project […]… Read More

The post Establishing Information Security in Project Management appeared first on The State of Security.

The post Establishing Information Security in Project Management appeared first on Security Boulevard.

The State of Security: Establishing Information Security in Project Management

A person recently asked me if it was possible to implement ISO 27001 using a specific project management software product. They used the tool in the past to define project plans and make project reviews. While I told them this is entirely possible, the truth is one can implement ISO 27001 even without a project […]… Read More

The post Establishing Information Security in Project Management appeared first on The State of Security.



The State of Security

Why Cyber Security is Key to Enterprise Risk Management for all Organizations

Large organizations have always focused on managing risk, but the technological breakthroughs that have enhanced our world in countless ways have also transformed how leading executives engage in enterprise risk management (ERM). The pervasive and ever-expanding threat of cyber crime means that comprehensive strategies for cyber security are now absolutely essential for all organizations. After […]… Read More

The post Why Cyber Security is Key to Enterprise Risk Management for all Organizations appeared first on The State of Security.

The State of Security: Why Cyber Security is Key to Enterprise Risk Management for all Organizations

Large organizations have always focused on managing risk, but the technological breakthroughs that have enhanced our world in countless ways have also transformed how leading executives engage in enterprise risk management (ERM). The pervasive and ever-expanding threat of cyber crime means that comprehensive strategies for cyber security are now absolutely essential for all organizations. After […]… Read More

The post Why Cyber Security is Key to Enterprise Risk Management for all Organizations appeared first on The State of Security.



The State of Security

The State of Security: The Risk of Credential Stuffing to the Smart Home

As technology advances and the costs of connecting electronic components to the internet decreases, the lower the cost of having an internet connected smart home is. Sensors placed throughout a house and integrated into home appliances can provide homeowners the advantages of monitoring and managing functions of the home remotely. According to Rehman & Manickam […]… Read More

The post The Risk of Credential Stuffing to the Smart Home appeared first on The State of Security.



The State of Security

The Risk of Credential Stuffing to the Smart Home

As technology advances and the costs of connecting electronic components to the internet decreases, the lower the cost of having an internet connected smart home is. Sensors placed throughout a house and integrated into home appliances can provide homeowners the advantages of monitoring and managing functions of the home remotely. According to Rehman & Manickam […]… Read More

The post The Risk of Credential Stuffing to the Smart Home appeared first on The State of Security.

If the Data Breach Doesn’t Kill Your Business, the Fine Might

When you hear about a data breach in the news, it’s usually related to a major company or social media network that has been targeted. The erroneous conclusion would be that the hackers only focus on exploiting security flaws in large organizations, but the opposite is true. The reality is that cybercrime is deadly to […]… Read More

The post If the Data Breach Doesn’t Kill Your Business, the Fine Might appeared first on The State of Security.

The State of Security: If the Data Breach Doesn’t Kill Your Business, the Fine Might

When you hear about a data breach in the news, it’s usually related to a major company or social media network that has been targeted. The erroneous conclusion would be that the hackers only focus on exploiting security flaws in large organizations, but the opposite is true. The reality is that cybercrime is deadly to […]… Read More

The post If the Data Breach Doesn’t Kill Your Business, the Fine Might appeared first on The State of Security.



The State of Security

When Is a Data Breach a Data Breach?

A data breach remains a common headline in the news cycle. A different company, website or social network reports a security issue almost daily. If it feels like using the internet has become a risky endeavor, the feeling is accurate. But what exactly classifies an event as a data breach? The world wide web is […]… Read More

The post When Is a Data Breach a Data Breach? appeared first on The State of Security.

Is the Private or Public Cloud Right for Your Business?

It wasn’t a very long time ago when cloud computing was a niche field that only the most advanced organizations were dabbling with. Now the cloud is very much the mainstream, and it is rare to find a business that uses IT that doesn’t rely on it for a part of their infrastructure. But if […]… Read More

The post Is the Private or Public Cloud Right for Your Business? appeared first on The State of Security.

The State of Security: Cybersecurity ROI:  An Oxymoron?

Return on investment: is it worth the money? That is the central question both government and industry in deciding on any procurement. Demonstrating ROI on cybersecurity products is notoriously difficult and is one of the underlying reasons for the poor state of our nation’s cybersecurity posture. Ah, but here’s the rub: showing tangible ROI on […]… Read More

The post Cybersecurity ROI:  An Oxymoron? appeared first on The State of Security.



The State of Security

Cybersecurity ROI:  An Oxymoron?

Return on investment: is it worth the money? That is the central question both government and industry in deciding on any procurement. Demonstrating ROI on cybersecurity products is notoriously difficult and is one of the underlying reasons for the poor state of our nation’s cybersecurity posture. Ah, but here’s the rub: showing tangible ROI on […]… Read More

The post Cybersecurity ROI:  An Oxymoron? appeared first on The State of Security.

The State of Security: Like Football, Your Cybersecurity Defense Needs a Strong Offense

“The best defense is a good offense.” History credits Revolutionary War hero George Washington with being among the first to vocalize this concept, later famously echoed by heavyweight boxing champ Jack Dempsey and football god Vince Lombardi. And it’s easy to see what they mean. The idea is that being proactive — going on the […]… Read More

The post Like Football, Your Cybersecurity Defense Needs a Strong Offense appeared first on The State of Security.



The State of Security

Like Football, Your Cybersecurity Defense Needs a Strong Offense

“The best defense is a good offense.” History credits Revolutionary War hero George Washington with being among the first to vocalize this concept, later famously echoed by heavyweight boxing champ Jack Dempsey and football god Vince Lombardi. And it’s easy to see what they mean. The idea is that being proactive — going on the […]… Read More

The post Like Football, Your Cybersecurity Defense Needs a Strong Offense appeared first on The State of Security.

Why You Need to Align Your Cloud Strategy to Your Business Goals

Your company has decided to adopt the Cloud – or maybe it was among the first ones that decided to rely on virtualized environments before it was even a thing. In either case, cloud security has to be managed. How do you go about that? Before checking out vendor marketing materials in search of the […]… Read More

The post Why You Need to Align Your Cloud Strategy to Your Business Goals appeared first on The State of Security.

Five Easy Steps to Keep on Your Organization’s DevOps Security Checklist

The discovery of a significant container-based (runc) exploit sent shudders across the Internet. Exploitation of CVE-2019-5736 can be achieved with “minimal user interaction”; it subsequently allows attackers to gain root-level code execution on the host. Scary, to be sure. Scarier, however, is that the minimal user interaction was made easier by failure to follow a […]… Read More

The post Five Easy Steps to Keep on Your Organization’s DevOps Security Checklist appeared first on The State of Security.