Web Exclusive Stories

RSS

You want to begin implementing zero trust security at your organization, but where do you start? Let's walk through clear stages to build a zero trust framework that serves as the roadmap for your organization’s journey to better security and greater efficiency.  

Assessing cyber risk is essential to a business and is a key contributor to its overall reputational risk. Businesses need to take cyber risk into account in overall business strategy and planning. 

When employing a zero trust strategy at an enterprise, cybersecurity teams must consider instituting a least privilege policy — providing only strictly necessary access credentials to employees and revoking them when no longer needed.

Women make up only 24% of the cybersecurity field, according to an ISC² study. Cybersecurity leaders Sharon Smith, Lori Ross O'Neil, Aanchal Gupta and Meg West discussed how to solve the problem of underrepresentation in the industry at the ISC² Security Congress 2021.

Whether remote, in the office or in a co-working space, all employees must be sensitized to cyber threats. It is important not only to provide training for employees but also to give IT security a permanent place in the corporate culture. 

Despite a company’s belief on how it would respond in the event of a ransomware attack, companies should consider opening a bitcoin account with a nominal amount of bitcoin in it so that it is at least prepared to make the tough decision should the need arise. 

The recent pandemic accelerated a trend towards remote work that has been ongoing for years and, as a result, accelerated usage of cloud-based collaboration platforms and their impact on the field of digital forensics. This article will discuss the trends and challenges associated with these platforms as they pertain to cloud-based data collection and its use in forensic investigations.

We spend a lot of time and effort so we can spot attackers — and for a good reason! But without visibility into our own organizations, we’re left with too much uncertainty. So how can you use more visibility to counter the fog of war?

A recent surge in cyberattacks, including SolarWinds and Colonial Pipeline, has intensified a focus on cybersecurity across industrial sectors and critical infrastructure. As a result, the U.S. government and other organizations within the nation’s defense supply chain have taken action to protect the critical assets and organizations that ensure the security and prosperity of our country. 

Like many other security processes, penetration testing and threat hunting are often incorrectly equated. However, the difference between the two is that between prevention and detection.