Barring winning a major lottery or inheritance, during a 40+ year working life in the security profession, security leaders will likely make a dozen or more job changes. While some of these may be significant responsibility shifts within a single organization, in today’s environment it is likely that a person will be changing organizations and even the type and/or responsibilities of various roles. One of those changes may include self-employment. Here’s what you need to know to ponder the transition.
The SolarWinds cyber compromise makes Cyber Tactics’ columnist John McClurg reflect and rethink about nation-state adversaries, insider threats, spearphising, AI-machine-powered learning, crimeware-as-a-service and much more. Here, he takes a look at what risks persist within organizations and potential consequences.
Lessons are best learned when we don’t expect them. That’s why television ads can have a profound impact. Though some are mindless or annoying, others are transformational and enduring, and many relate to leadership and management. The powerful lessons in leadership can be taken and used for your own inspiration.
In this article, we discuss how two-factor authentication has been evolved to address the shortcoming of single authentication systems. We also discuss how we can utilize a blockchain technology to transform 2FA by migrating the centralized network into a decentralized blockchain network. As more Internet-of-Things devices require authentication credentials and users increase their repository of usernames and passwords for accessing web services, the emergence of 2FA solutions based on blockchain technology is inevitable.
Every organization has hundreds of applications and databases, and its employees access them every day using their credentials (that is, their username and password). An attacker with such valid credentials can bypass existing security solutions, as they look like a legitimate user. As per the Verizon Data Breach report in 2016, more than 63% of successful breaches involved compromised credentials. Two-factor authentication (2FA) provides an added layer to the existing credential-based system protection as a solution to this drastically growing problem. As such, in this article, we will cover the following two topics: What is 2FA and Blockchain for 2FA.
The cybersecurity industry has embraced MITRE ATT&CK for good reason: it provides security leaders and practitioners an objective, third-party standard with which to evaluate their own detection coverage and EDR solutions. But even while they recognize the value, many organizations are unsure about what specific steps they should take to fully benefit from MITRE ATT&CK.
As Joe Biden takes office, Justin Crump – CEO of the global risk and intelligence consultancy Sibylline, takes stock of the challenges the new administration will face and a reminder that we all need to think widely and openly about possibilities in a volatile, uncertain, complex, and ambiguous world.
In the past year, COVID-19 has had a larger impact on work habits and security environments than any other health emergency in memory. That combined with technological advances such as 5G has led to several trends we expect to see in this New Year. Here then are our top ten:
As the headlines showed, ransomware continued to be the weapon of choice in 2020, and extortionware is on the rise. While ransomware has become a tried and true method at this point, extortionware tactics are raising the stakes by threatening to expose sensitive information if the ransom is not paid.
Companies hold more data on us today than ever before, and many of us are left in the dark on just where our personal, often sensitive, information lives. The daily headlines on data breaches and the mainstream attention in the form of documentaries like Netflix’s “The Great Hack” and “The Social Dilemma” have made clear to the public: it’s time we all do a data detox.
Cybercriminals can take advantage of human weaknesses in one place and use them in other places where they can get financial or other gains. Email addresses, real names, real addresses, phone numbers, date of birth, etc., all are valuable information for cybercriminals. They can build their database with this personal information and use them in future attacks. This is why practicing good cybersecurity habits as users and as administrators is critical for all of us for all systems we use.