Rigorous training as to how hackers are able to get into systems and access sensitive data and how to defend against an onslaught of cyberattacks has given rise to a specific type of training and competition for cybersecurity professionals: Capture the Flag (CTF). To find out more about these competitions, we talk to Dr. David Brumley, CEO of ForAllSecure, Inc. and Professor of Electrical and Computer Engineering and Computer Science at Carnegie Mellon University. 

Healthcare providers remain firmly focused on dealing with the global pandemic, juggling the often-conflicting demands of providing care while keeping patients and staff safe. The financial impact of the pandemic has left many providers on the brink of bankruptcy amid falling patient visits deferred elective surgeries, and insufficient government aid to “fill the gap.”

The answer is yes, but the how may be different than you think.

It’s easy to see how network tool sprawl gets started. The needs and challenges facing security and networking groups are immense. Network speeds have steadily increased, and there are always new demands and uses. Network conditions and requirements change weekly, if not daily. Security threats increase in number and approach. At the same time, technological advancement rapidly brings new solutions to the market that are beneficial in addressing networking and security needs.

While breaches are an inevitable part of doing business, you can limit the negative impact by developing a solid playbook that charts a course to recovery. Examine potential threats, work out how to handle discrete scenarios, and spell it all out for your employees. By compiling policies and work streams, assigning responsibilities, and setting expectations you can build real resilience. Cool heads prevail in a crisis, and nothing curbs the spread of panic as well as a clearly delineated plan. But it’s not enough to craft a playbook, you also need to test it before it can serve as a critical piece of governance for your organization. Let’s take a closer look at the best way to go about developing a playbook.

In this ongoing virtual environment, organizations remain highly vulnerable to the significant cybersecurity risks exposed by widespread remote work - business email compromise (BEC), in particular. How did business email compromise become such a serious threat for organizations, and why should cyber insurance be top of mind right now, as a result? Let’s dive in.

With the healthcare industry expected to spend $125 billion on cybersecurity from 2020 to 2025, dollars must be spent for maximum efficiency. The question is, how to allocate those funds most effectively at a time when cybercriminals have placed a huge target on hospitals, research labs, pharmaceuticals and insurance carriers. Organizations need to take a layered approach to security to protect their organizations and sensitive patient data. The smartest approach is to start at the perimeter and work back toward existing enterprise protections – here’s how to do that.

IoT plays an important role that allows enterprises to go through digital transformation. However, in many cases organizations start to become aware that they do already have a large number of IoT devices which were introduced gradually over the years. One of the main concerns that an organizations face when dealing with IoT is managing risks involved in increasing number of IoT devices. Because of their ability to interact with the physical world, there are safety and privacy concerns when it comes to the security of IoT devices. This paper provides an overview of IoT components, followed by risks and sample attacks. Finally, a list of current and prospective future security solutions is discussed.

Traditional Enterprise Data loss prevention (DLP) tools were not initially designed for protecting unstructured data, and encryption and policy are not centralized and few have taken advantage of improvements in recent years. In the meantime, unstructured data has piled up and is growing.  To target this problem, a new set of vendors and products emerged with “data-centric” solutions adding to the confusion. So many vendors with a variety of capabilities to choose from, but how do you know which is right? What vendor do you choose? The answer to these questions is to think more about what you want to accomplish and weigh the approaches first.

As Jewish families around the world prepared for the High Holidays last month, the most significant days of the Jewish calendar, synagogues prepared to facilitate services under unprecedented circumstances due to the coronavirus pandemic. For those of us that work on providing security for the Jewish community, it would become yet another time of heightened vigilance.