Category Archives: Follow on

You are who you say you are: Establishing digital trust with the blockchain

Over the last few years, blockchain use has gained popularity driven partly by the interest in cryptocurrency, but mostly with the growing understanding of what distributed ledger technology can enable through decentralization of trust. Most large companies have innovation teams looking at ways that blockchain technology can be applied, and many analyst firms, system integrators and other influencers have focused teams providing advice on applications of blockchain technology. I have spoken to experts at leading … More

The post You are who you say you are: Establishing digital trust with the blockchain appeared first on Help Net Security.

The future of OT security in modern industrial operations

Both the likelihood and consequences of cyberattacks to OT/ICS components continue to grow for modern industrial operations. In this podcast, Andrew Ginter, VP of Industrial Security at Waterfall Security Solutions, and Edward Amoroso, CEO of TAG Cyber, talk about how new approaches are needed to gain defensive advantage over already-capable cyber adversaries, to keep up with new OT/ICS technologies, and to serve business risk management needs in increasingly-demanding, competitive environments. Here’s a transcript of the … More

The post The future of OT security in modern industrial operations appeared first on Help Net Security.

Scaling the IoT product security lifecycle with automation

Recent events around the globe once again shine a limelight on the security issues the IoT community is facing. From claimed attacks on chlorine plants in Ukraine to potential threats to entire medical systems, IoT devices have left their users at a disadvantage against attackers, and the reason might just be that the security minds of our generation are still approaching product security in a traditional way – manually. The IoT security value chain continues … More

The post Scaling the IoT product security lifecycle with automation appeared first on Help Net Security.

Every month should be Cyber Security Awareness Month

In 2004, October was deemed National Cyber Security Awareness Month (NCSAM). This was an initiative promoted by the National Cyber Security Division (NCSD) within the Department of Homeland Security and the National Cyber Security Alliance (NCSA, a non-profit organization). It’s been 14 years since its inception, has it worked? Are we more aware of the perils in the world of cyber security? The reality is that there are various studies that have been conducted over … More

The post Every month should be Cyber Security Awareness Month appeared first on Help Net Security.

Your backup data sets can become a treasure trove for advanced threat detection

Despite ever increasing investments in security technologies, data breaches and cyber incidents are increasing at a relentless rate, and the problem is projected to keep getting worse. Industry research shows that attacks from ransomware, data compromise, malicious email and credential theft more than doubled to 160,000 incidents per year, with unreported incidents likely bringing the true number to more than 350,000. While much of the press focused on breaches to high profile targets, every size … More

The post Your backup data sets can become a treasure trove for advanced threat detection appeared first on Help Net Security.

Four critical KPIs for securing your IT environment

In 2018, the average cost of a data breach is more than $3.75 million, and experts expect this number to rise in the coming years. This staggering—and potentially catastrophic—cost per incident is why implementing proper security practices is so important, so it is vital that enterprises both large and small understand how to secure their IT environments successfully. So, what should you be measuring when it comes to your security program? As the old saying … More

The post Four critical KPIs for securing your IT environment appeared first on Help Net Security.

Keeping your cloud malware-free: What you need to know

This year we’ve seen massive malware attacks spanning from nation state campaigns originating in North Korea and Russia to popular restaurants and everything in between. Each new incident serves as a grim reminder to business leaders that hackers will not relent. Yet with cloud adoption growing rapidly in the enterprise, the odds of a malware infection spreading and leading to a potential breach are increasing. According to a study conducted by the Ponemon Institute, almost … More

The post Keeping your cloud malware-free: What you need to know appeared first on Help Net Security.

You gotta fight, for your right, to erasure

According to Article 17 of the European Union’s General Data Protection Regulation (GDPR), all personal data that is no longer necessary must be removed and deleted. This aspect of the law, also known as “the right to erasure,” grants any user or customer the right to request that an organization deletes all data related or associated to them without undue delay, within 30 days. Moreover, the regulation carries heavy fines if a business does not … More

The post You gotta fight, for your right, to erasure appeared first on Help Net Security.

You should prepare for the next mega data breach

As of September 2018, it’s been one year since the historical Equifax mega data breach that impacted nearly half of all consumers in the U.S. Since this monumental invasion of personal data, fraudsters have shown little to no notion of slowing down as evident by the continued emergence of additional data breaches. In fact, within the past year alone, nearly 30 percent of U.S. consumers have been notified of a breach impacting their own personal … More

The post You should prepare for the next mega data breach appeared first on Help Net Security.

Cybersecurity has a diversity problem: Here’s why

I’ve gotten really good at listing really depressing and disheartening stats over the years. It’s not what I want to be good at, but I’ve found that it’s necessary to help people understand that the gender gap is real, especially for women in cybersecurity. Did you know that women only represent about 20% of cybersecurity professionals worldwide? That’s less than 1/4. Sometimes the stats I rattle off startle people (usually men), and more often than … More

The post Cybersecurity has a diversity problem: Here’s why appeared first on Help Net Security.

Are you ready? A good incident response plan can protect your organization

The rise in cyber threats in the last several years has shown that organizations must continuously stay ahead of adversaries to protect their investments: data, intellectual property, finances, and people. Indeed, the Cisco 2018 Annual Cybersecurity Report found that the cost of attacks is no longer hypothetical. More than half of all breaches resulted in financial damages of more than $500,000. Over the years, I’ve designed incident response teams from the ground up as well … More

The post Are you ready? A good incident response plan can protect your organization appeared first on Help Net Security.

Building security into DevOps versus bolting it on

In this podcast, Hari Srinivasan, Director of Product Management for Qualys, talks about building security into DevOps versus bolting it on, specifically for containers. Here’s a transcript of the podcast for your convenience. Hello! My name is Hari Srinivasan, Director of Product Management for Qualys, cloud and virtualization security. Welcome to this Help Net Security podcast. Today we’re going to talk about building security into DevOps versus bolting it on, specifically for containers. Containers are … More

The post Building security into DevOps versus bolting it on appeared first on Help Net Security.

Malicious hacking activity increasingly targeting critical infrastructure

In this podcast, Andrew Ginter, VP of Industrial Security at Waterfall Security Solutions, and Edward Amoroso, CEO of TAG Cyber, talk about how the traditional focus of most hackers has been on software, but the historical focus of crime is on anything of value. It should come as no surprise, therefore, that as operational technology (OT) and industrial control system (ICS) infrastructure have become much more prominent components of national critical infrastructure, that malicious hacking … More

The post Malicious hacking activity increasingly targeting critical infrastructure appeared first on Help Net Security.

How to gain visibility with global IT asset inventory

In this podcast recorded at Black Hat USA 2018, Pablo Quiroga, Director of Product Management at Qualys, talks about how to gain unprecedented visibility with global IT asset inventory. Here’s a transcript of the podcast for your convenience. My name is Pablo Quiroga. I’m the Director of Product Management at Qualys, and today I’m going to be speaking about how to gain unprecedented visibility with global IT asset inventory. A complete visibility of your IT … More

The post How to gain visibility with global IT asset inventory appeared first on Help Net Security.

Data privacy automation: Unlock your most valuable asset

In years past, data privacy was the purview of the chief privacy officer. However, increasingly, CTOs are being tasked with operationalizing a data privacy solution for the company. That’s because data privacy is fundamentally a data issue, with privacy being an outcome of a comprehensive data protection strategy. In a world of exploding data, it’s impossible for privacy professionals using manual, survey-based approaches to stay on top of this ever-changing sea of information. Companies constantly … More

The post Data privacy automation: Unlock your most valuable asset appeared first on Help Net Security.