Articles tagged with: cybersecurity

Nearly 60% of Security Professionals Trust Cybersecurity Findings Verified by Humans over AI

New research revealed that while over half of organizations use artificial intelligence (AI) or machine learning in their security stack, nearly 60 percent are still more confident in cyberthreat findings verified by humans over AI.

security professionals, artificial intelligence (AI), cybersecurity, Cybersecurity Findings Verified by Humans over AI

5 Tips on How Companies Can Prepare for Cyberattacks and Data Breaches

Benjamin Franklin once said, “By failing to prepare, you are preparing to fail.” These sage words unfortunately describe the dilemma many companies are facing on a daily basis with increasing frequency. Whether because of a lack of resources to commit to cybersecurity or the C-suite’s reluctance to do things differently, companies are suffering from a rash of bad actors seeking to profit from cyberattacks and the loss of data because of negligent handling by insiders.

How Companies Can Prepare for Cyberattacks, Data Breaches, cybersecurity, cyberattacks

How to Achieve Cybersecurity with Patience, Love and Bribery

Your five-year-old hears the doorbell ring just after you’ve jumped in the shower. They’ve been trained by your example to answer the door when they hear the bell, but are a bit too young to have had the “never answer the door unless I’m with you” talk. The man at the door is dressed in a sharp uniform that says Acme Repair (meep meep). Your child doesn’t read yet, but they recognize an authority figure when they see one (thanks Wile E Coyote), and let him in when he says, “Your mom called to have the heater fixed.”

How to Achieve Cybersecurity, data breaches, cybersecurity

65% of stressed-out cybersecurity and IT workers are thinking about quitting

A recent report found that the average tenure of a chief information security officer (CISO) is only 18 to 24 months, citing constant stress and urgency of the job as the core reasons. For comparison, the average tenure of a chief financial officer is 6.2 years and the average tenure of a chief executive officer is 8.4 years.

cybersecurity, chief information security officer, ciso

Insider Threats: An Underestimated Risk

What is an insider threat? Security professionals know that insider threats, by their nature, are a broad-based threat and, more than ever before, can be extremely difficult to defend against. In this article, we will briefly discuss the possible risks, as well as some options for building up your defenses.

Insider threats, information, security, cyber threats, cybersecurity

Cybersecurity Skills Shortage is Impacting Organizations

Seventy-four percent of organizations are impacted by the cybersecurity skills shortage, according to a study of cybersecurity professionals by the Information Systems Security Association (ISSA) and Enterprise Strategy Group (ESG).

Cybersecurity Skills Shortage, cybersecurity, cybersecurity professionals

How to Properly Position the CISO for Success

As I travel the U.S. and the world, I am frequently asked what the proper reporting structure is for the Chief Information Security Officer (CISO). While it sounds cliché, the real answer is “it depends.” First, it is critical to understand the security goals for the organization and leadership’s perspective on security. Other factors such as company maturity, size, industry and the role you want the CISO to play should be considered. Only then can you determine if the CISO should report to the CEO, the CIO, the CRO, the CFO or some alternative reporting structure.

Position the CISO for Success, CISO, cybersecurity, security

Breaches and Leaks Soared 424% in 2018

Nearly 15 billion identity records circulated in underground communities in 2018, a 71% increase over the year as hackers targeted smaller organizations more widely, according to a new report (…).

breaches and Leaks, breaches, leaks, hackers, cybercrime, cybersecurity, cyber-criminals

5 Key Skills Every Incoming CISO Should Have

CISO roles – both full-time and fractional – are on the rise. Their skills can help a growing organization enhance its security program, keep it on track, and guide in times of crisis and change. However, finding the right CISO can be tricky business, especially if this role is new to your organization. Here are the skills to look for when hiring your CISO.

CISO, cybersecurity, security

The Importance of Cybersecurity in Modern Video Surveillance Environments

For organizations to identify security threats and vulnerabilities, mitigate risk, ensure operational compliance and combat fraud, a comprehensive and innovative security approach is necessary. With today’s evolving risk landscape and the increasing complexity and severity of cyber threats, we must take advantage of emerging technologies, strong internal operator and process policies, and advanced analytics to protect customers, staff and assets.

Cybersecurity in Video Surveillance, cybersecurity, vulnerabilities, video surveillance

Monitoring logons the most effective way to detect a data breach

Monitoring logons, detect a data breach, Cyberattack, cybersecurity
Monitoring corporate logins is the most effective way to detect a data breach within an organisation, according to a new report on the ‘key indicators of compromise’ by IS Decisions.

Mismatched port and application traffic, increases in data reads or outbound traffic, geographical irregularities regarding the perimeter of the organisation, and data access at irregular times and locations are other key indicators identified. But the one common activity across nearly all attack patterns, necessary to perform basic hacks on network perimeters and endpoint devices, and move laterally across devices to access data unlawfully, is use of corporate logins.

SIEM challenges: Why your security team isn’t receiving valuable insights

SIEM challenges, information security, cybersecurity
Today, many enterprises use security information and event management (SIEM) software to help detect suspicious activity on their networks. However, to be effective, organizations need to surround a SIEM with security experts, advanced use cases, threat intelligence, and proven processes to investigate and respond to threats.

How to Change Behavior for Stronger Security System Cybersecurity

Security System Cybersecurity, Cyberattack, cybersecurity, information security, cyber risk, cyber security
How Healthy Are Your Cybersecurity Habits?

There is a world of difference between knowing the right thing to do and actually following through and doing it. Think about doctors who repeatedly remind their patients to quit smoking, or to be careful with their cholesterol, to get regular exercise and adopt healthier eating habits instead of eating bacon with every meal. We know what we should do. Quite often, though, that knowledge is not enough to actually change our behavior.

You were probably aware of some fundamental cybersecurity best practices before you started to read this article. But let’s focus on two: passwords and firmware.

3 Questions to Improve Cyber Incident Recovery

Cyber Incident Recovery, Cyberattacks, cybersecurity, information security, NIST cyber security framework
The NIST Cybersecurity Framework focuses twice on the concept of improvement, doing so within both the Respond and the Recover functions. For improved response, NIST recommends that organizations incorporate lessons learned into their response plans and update their response strategies. When it comes to improved recovery, NIST echoes that guidance: Companies should incorporate lessons learned into their recovery plans and update their recovery strategies. Because of these similarities, it is helpful to consider this article in the context of our May 2017 Cyber Tactics column, “Been Hacked? Let That Be a Lesson to You.”

The Internet of Things Invades Physical Security

Physical Security, information security, cybersecurity, privacy

The physical security space is changing, with emerging threats, new criminal techniques, terrorism and hostile activism just a few of the drivers of change.

The implications are profound. The world of physical security systems is being invaded by multiple new and emerging technologies. Arguably, the technology currently showing the greatest potential implications have a wireless Internet connection to pass their status (data) via digital communications to other components, devices or systems. Given the growing capabilities of these emerging IoT devices, they are likely to transform electronic security systems that protect physical assets. Corporate security staff that operate, manage and monitor the electronic security systems used in the facilities they are assigned, in most cases, have not been trained on how to use the security systems equipment.

Cybersecurity Tips for the Break Room and Boardroom

By Security Magazine on 5 January 2017
c-suite security metrics, cyber security education, cybersecurity awareness, cybersecurity leadership, security training, cybersecurity

Every day we are updated about the latest cybersecurity breaches – whether it’s Yahoo, Dropbox or LinkedIn, how many records have been stolen, or how much companies have paid as a result of ransomware or financial fraud.

However, are employees and executives aligned with cybersecurity awareness? Are the risks and top discussions that happen in the break room similar to those that happen in the boardroom? The topics and concerns are farther apart than you could ever imagine.

Never stop learning – the need for a risk-based approach to cyber-security

By Security Magazine on 1 December 2016

cyber-security

It probably comes as no surprise to IT security professionals that cyber-attacks are now becoming more sophisticated and more commonplace. For years, cyber-experts have been warning that we are entering the “age of the cyber-attack,” predicting that a digital attack will now bring about the end of civilisation rather than a nuclear war. While this is clearly an extreme example, what is surprising is how ubiquitous and effective cyber-attacks have become, despite vendors and experts warning about their risks for over a decade. However, even if an organisation has a robust cyber-security policy in place, this alone is not enough to protect it from cyber-attacks. Trust us, we know because we’ve been there.