Security & Business Resilience - Articles - Page 315

Preventing Scripting Attacks on Powershell with Identity-Based Zero Trust

May 4, 2020

The best way to prevent scripting attacks, such as those that implement Python back doors or compromise PowerShell, is to implement identity-based zero trust. In a zero trust environment, IT treats the internal network as if it were the public internet, a place where nothing can be trusted, and anything can be a threat.

Security Talk

Goodbye and Good Luck, Laura

Diane Ritchey

May 4, 2020

Laura Stepanek, Editor-in-Chief of SDM Magazine has retired. For 36 years, she was the face of SDM, and she has witnessed how new technology has changed the security industry. We wish the best for Laura in her well-deserved retirement.

Senators to Introduce COVID-19 Consumer Data Protection Act

Although it is unclear whether the forthcoming bill has any chance of becoming law, it is further evidence that companies need to consider the significant privacy issues and risks associated with implementing COVID-19-related technology.

David M. Stauss

May 1, 2020

On April 30, 2020, a group of four Republican Senators announced their plan to introduce federal privacy legislation that would regulate the collection and use of personal information relating to the fight against the Coronavirus pandemic. How would the proposed bill, COVID-19 Consumer Data Protection Act, attempt to solve privacy concerns?

War at Home: How U.S. Corporations are on the Front Lines of the Silent War on Privacy

Jarrett Kolthoff

May 1, 2020

The four individuals who were identified and indicted by the Trump Administration in relation to the Equifax breach from 2017 is yet another example of the overt collection efforts by the Chinese government to steal Americans’ sensitive personal information. The openness of the U.S. government to share these examples should help bring the reality of cyber threats to the forefront in corporate board rooms and research universities. I would like to highlight that these particular attacks were conducted for a different goal – espionage.

COVID-19 and Enterprise Security's Response

What challenges has COVID-19 presented to enterprise security?

Diane Ritchey

May 1, 2020

What challenges has COVID-19 presented to enterprise security, how did business continuity plans evolve and what lessons have enterprise security learned?

Leadership & Management

Servant Leader? Now's the Time to Prove It

Michael Gips

May 1, 2020

"No one knows." We keep hearing that phrase. But, it's up to security professionals, healthcare workers and public safety officers to truly inhabit many leadership titles during COVID-19.

Strong Cybersecurity: The Critical Role of Lifecycle Management - Security Magazine

Protecting VPNs from DDoS Attacks in the Age of Remote Work

Tom Bienkowski

April 30, 2020

As a result of the COVID-19 pandemic, more people than ever are working remotely. Because of this recent and rapid transition, users are accessing corporate resources from their homes and generating unprecedented amounts of network traffic. IT departments face increased pressure to ensure business continuity by providing remote users with access to essential corporate applications and services through Virtual Private Networks (VPNs), which are designed to provide access to private networks through shared or public networks.

MSPs are the Latest Ransomware Target: Are You Safe?

Shridar Subramanian

April 29, 2020

Ransomware is costing businesses—in ransom, yes, but also in downtime, the cost of which is typically 23 times greater than the ransom requested. The attacks are affecting large organizations and cities including Atlanta and Baltimore. Cybercriminals aren’t just attacking end-users; MSPs are the latest on the hit list.

David Bradbury Named Chief Security Officer at Okta

April 29, 2020

Identity company Okta has hired its newest chief security officer, David Bradbury.

Cybersecurity Whistleblowing in a Pandemic

Alexis Ronickher

Matthew LaGarde

April 28, 2020

While employees are the key to identifying cybersecurity vulnerabilities quickly, many companies have failed to create a welcoming environment for whistleblowers. During COVID-19, how can you safely blow the whistle?