Like many other industry buzzwords, there’s a lot of hype around security automation. Yet, for the first line of defense in an enterprise environment, the analysts working in the security operations center (SOC), the notion of automation is more headline than reality. Many basic tasks – logging, fault isolation, reporting, and incident troubleshooting – are still very much manual.
The best way to protect accounts and data from credential stuffing and online phishing attacks is to stop reusing the same passwords on multiple accounts. All accounts—but especially accounts related to work, retail, finance, and government—should be protected with strong, unique passwords. What are a few best practices to ensure employees are safer online?
Preventing identity-based attacks such as account takeover (ATO) fraud and Business Email Compromise (BEC) begins with securing your personally identifiable information (PII), but this seems to be increasingly difficult as cybercriminals continue to evolve.
Although distributed denial-of-service (DDoS) is an old school attack vector, it continues to be a serious threat to organizations. The monthly number of such attacks exceeds 400,000. To top it off, cybercriminals keep adding new DDoS mechanisms to their repertoire and security providers aren’t always prepared to tackle them. Here are 26 different types of DDoS attacks your security team needs to be ready for.
As we enter the new decade, we stand reminded that technological innovation and cybersecurity threats continue to develop and evolve at an incredible pace. Firms must therefore continue to build the proper defenses to protect consumer confidential data and financial market integrity. Cyber threats have become one of the top threats to the financial services sector and the ability of firms to be resilient in the face of these threats is paramount.
More companies are doing more business online to survive the pandemic, and that’ll create even more data privacy concerns going forward. At the same time, new privacy regulations have taken hold, most notably the California Consumer Privacy Act. What are 5 steps to achieve compliance?
What are some simple risk management rules that will support healthcare organizations, without significantly exposing it to major security risks as they adapt to this new and challenging COVID-19 situation?
The best way to prevent scripting attacks, such as those that implement Python back doors or compromise PowerShell, is to implement identity-based zero trust. In a zero trust environment, IT treats the internal network as if it were the public internet, a place where nothing can be trusted, and anything can be a threat.
Michigan Governor Gretchen Whitmer announced the "Futures for Frontliners” program to provide a tuition-free pathway to college or a technical certificate to essential workers who don’t have a college degree.
What are some key areas to consider when you are constructing a strategy to address your successor and the replacement of other positions within your direct and functional organization?