cybersecurity Tag

It's not nuclear weaponry, but for an enterprise developing a critical application that will handle sensitive data, application developed in-house can create existential-level institutional peril. No One Plans To Leave Gaping Security Holes ...

What are the upcoming threats for 2021 and beyond? How should companies assess the risks of these threats, and align resource investment accordingly? This presentation provides a step-by-step blueprint for moving towards a risk-based approach to threat protection, regardless of which cybersecurity framework you adhere...

IoT holds the promise of providing enterprise organizations with increased awareness, evolving insight, and the ability to take action in real time. But doing so effectively requires implementing best practices when it comes to deployment and operations. It means staffing and budgeting successfully, and rolling out...

Everything is different now. That's true for all of us, as we cope with the enduring presence and lingering aftereffects of the Covid-19 pandemic. But it's particularly true for enterprise technologists, who are witnessing a once-in-a-generation set of paradigm shifts that are transforming how companies and...

The concept of threat-informed defense is near and dear to my heart, given that it aligns with three themes I've been preaching about for years: the importance of matching cybersecurity investments (in both technology and operations) with risk;  the value of aligning one's cybersecurity practices...

' IoT can be game-changing for organizations -- in more ways than one. In fact, organizations that successfully implemented IoT generated an average of $8.36 million in new revenue, $5 million in savings and 41.8% improvement in business process efficiency, according to our Nemertes Research IoT...

In my previous post, I pointed out that the Twitter hack was just an example of a phishing scam--the same old scam that's been around since the dawn of the Internet. The basic flaw is gullible (if smart) humans trusting people they shouldn't, for stupid...

As described in Security Magazine, "In recognition of the growing convergence of cyber and traditional financial crimes, the U.S. Secret Service is formally merging its Electronic Crimes Task Forces (ECTFs) and Financial Crimes Task Forces (FCTFs) into a single unified network, which will be known...

The National Security Agency (NSA) recently issued a set of guidelines for configuring IPsec VPNs. You can read the guidelines here; the key points are the following: Reduce the VPN gateway attack surface Verify that cryptographic algorithms are Committee on National Security Systems Policy (CNSSP) 15-compliant ...

Ramping up Risk, pre-COVID-19 and mid-COVID-19 Enterprise organizations pour hundreds of millions into their cybersecurity initiatives, protecting  everything from remote and cloud-based resources to IoT devices to collaboration applications. At the same time, they're also transforming interactions with their employees and customers. They're increasingly enabling employees to...