The recent attack on SolarWind's Orion product demonstrated how vital it is for Chief Information Security Officers (CISOs) and their teams manage supply chain risks and understand all the products in their environment and how they are being used. Here we talk to Michael Lines, CISO and Head of Security Product Management at Cleanshelf, about why the IT and information security community should be concerned after the SolarWinds hack.
Ransomware can be delivered via several mechanisms, the most popular of which is often phishing. However, a new category called “Human-Operated“ Ransomware is now being used to execute multi-level attacks against company networks. Here’s how it works:
While the jury’s out on whether these applications will be an effective tool for contact tracers, or if the majority of citizens will fully embrace these applications, it’s clear that contact tracing will likely become a part of our daily lives. To keep these technologies on the right track, developers, policymakers and stakeholders must ask questions to measure effectiveness, while addressing key issues to prevent abuse and secure consumer data.
Executive protection is a profession that has an extensive history. This tradecraft began back in late B.C. to 312 A.D., with Roman protection groups that guarded emperors.
ASIS International’s Certified Protection Professional (CPP) certification is highly beneficial for security professionals seeking leadership roles. It has its flaws but, anecdotally, I have seen it mentioned in job ads more often than any other designation. When I passed the requisite exam in early February and promised to offer my thoughts, the reaction from future test-takers was welcoming. So here they are. To paraphrase the Law & Order TV franchise, “this is my story. DUN DUN.”
The World Economic Forum's Global Risk Report for 2021 placed cybersecurity failure among the greatest threats facing humanity within the next ten years. Clearly, in this climate, and since many jumped into the world of cyber operations without adequate preparation, cybersecurity is now a critical priority.
Identity management has become a focal point for enterprise security. With the 2020 COVID-19 pandemic and the scramble to support work-from-home employees, the real threat to business data assets, whether in the enterprise or the cloud, has become unsecured remote access.
A small, private college in Ohio, Cedarville University implemented its Caring Well, Staying Well plan to help students return to campus safely amid the COVID-19 pandemic. In addition to mandating masks, coordinating outdoor and virtual worship services and other initiatives, Cedarville University deployed Wi-Fi based occupancy sensors to help students and staff reduce crowds and maintain social distancing at its on-campus dining facilities.
The new year is upon us, and as such, it is a time to reflect on what worked over the past 12 months, and more importantly, what didn’t work. Organizations all over the world are utilizing applications, operating systems, and IoT devices while their data, and their customer’s data, increasingly lives in the cloud. Organizations should take the beginning of the year as a housekeeping opportunity to assess their systems to set themselves up for success in the new year.
American Security Drone Act of 2021 The American Security Drone Act of 2021, formerly introduced as the American Security Drone Act of 2019, was given new life in January 2021 with bipartisan support and now incorporates drone detection and mitigation systems, not just drones. Here are five questions you can ask RF-based technology vendors to determine if they are in compliance with the federal advisory or could be banned by the American Security Drone Act of 2021 for security and cybersecurity reasons.