The Standoff, an online offensive/defensive competition in which defenders (blue teams) compete against attackers (red teams) to control the infrastructure of a simulated digital city, has concluded.
The event took place Nov. 12-17, 2020, pitting information security veterans against skilled hackers in a battle to hack mock banks, utilities, airports, downtown hubs, IoT systems, cargo and public transportation, telecoms systems and more.
Between distributed workforces and scattered schedules, there’s no doubt the work environment has faced enormous disruption over the past few months, forcing enterprises to modernize their security measures. The solution? Jason Soroko, Chief Technology Officer (CTO) at Sectigo, believes it's a Zero-Trust Security Strategy. Here we talk to Soroko about the importance of a zero-trust strategy, especially during the ongoing COVID-19 pandemic.
Government can no longer afford to pursue monolithic, exquisite technology solutions. Given rising citizen expectations and the fast-changing technology landscape, state and local governments need to work closely with key stakeholders, including both citizens and IT vendors. This vision – call it “Connected Government” – will drive IT modernization. It’s a relationship-based approach to technology that will help state and local governments meet the immediate challenges of remote work and virtual citizen service, while also helping government IT leaders keep pace with innovation. Given the potential power of a Connected Government approach to IT services, it’s worth taking a deeper dive into how this mode of operation works.
Generally, the chief information security officer (CISO) is thought of as the top executive responsible for information security within organizations. However, in today’s remote work environment, the need to expand security beyond one department or the responsibilities of CISOs is more important than ever. Due to the pandemic, the physical barriers of the office have been removed and the threat surface has exponentially expanded leaving more endpoints to be attacked. In this scenario, each employee’s home office has become a new potential risk, which is why building a strong security culture within organizations should be a priority.
As increasingly sophisticated cyberattacks continue to target healthcare’s essential systems - including networks, IoT medical instruments, and mobile devices - the need for advanced security protections continues to grow. Healthcare leaders are beginning to embrace the truth: cybersecurity is now an indispensable part of patient care.
Yet even as this move toward secure connected technologies expands, a favorite target of malicious actors continues to be the healthcare organization’s website - especially if the site is powered by WordPress.
Budget bandwidth is often a strong contention point for businesses. And even with the increase in cybercrime threats, some firms still struggle to allocate proper budget allowances to meet security and regulatory requirements. According to a recent report by Accenture, organizations face on average 22 legitimate security breaches each year and the average cost of a single cyberattack is $380,000.
The following outlines three steps the C-suite and other executive team members should take to prevent and survive a data breach. But first, it’s imperative all involved heed this initial piece of advice when planning cybersecurity; treat breaches not as a possibility, but as something that is going to happen.
Meet Stephanie Benoit-Kurtz, lead of cybersecurity faculty at the University of Phoenix – Las Vegas. She is also director of cybersecurity for Station Casinos in Las Vegas. She has spent three decades in the IT industry, working for a variety of large and small organizations and as a consultant. In the early days of her career, despite being part of the team responsible for implementing decisions at the IT company where she was employed, she “was routinely left out of the decision-making process. Here, we talk to Benoit-Kurtz about how the cybersecurity space has changed over time, and how the industry can embrace more individuals to meet demand and close the cybersecurity gap.
Building a cyber-resilient enterprise informed by threat intelligence is not an easy task. Risks and requirements are often as unique and diverse as organizations themselves. Determining factors like industry, size, and market contribute to one simple truth: a one-size-fits-all approach to incorporating threat intelligence does not exist. Some invariants, however, do remain; successful threat intelligence programs must staff the right people in the right positions. Below, I’ll introduce four core threat intelligence focuses to consider as businesses plan and allocate budgets for 2021:
Analyst1, provider of a threat intelligence platform (TIP), added recognized cybersecurity industry veteran, Jon DiMaggio, to its executive team. As chief security strategist, DiMaggio will be responsible for driving security research and strategy for the next generation threat intel company.
