Today’s customers rarely bat an eye when they receive a security alert from a company with which they do business. That’s because large tech companies have baked identity confirmation and notifications of suspicious activities into their everyday user experiences.
Domestic critical infrastructure is arguably now more at risk than at any point in living memory, and certainly in a peacetime context. As a consequence of the pandemic, there have been multiple attacks on electricity grids, water systems and energy organizations, election locations, and newly distributed enterprises. What is the best way to go about protecting what is at risk?
COVID-19 has caused havoc on the schools across the U.S. In the spring, school districts did whatever they could to provide the tools to students to get through the end of the school year. As schools are starting up around the country this month and next month, the challenge school IT departments are having is how to secure all of the devices distributed to students. Here, we talk to Jake Kouns, CEO and CISO for Risk Based Security, where he leads the company’s technology strategy and is responsible for product vision and leadership in the security industry.
This article discusses extremism in the United States as we close out 2020 and look to 2021. Security professionals can educate themselves on what extremist groups are out there and where the risks lie.
The U.S. Department of the Treasury has placed businesses on notice that payment of ransoms to certain cyberattackers could get a company in trouble under U.S. sanctions laws and regulations for helping to finance sanctioned organizations. Sanctions violations carry significant civil and criminal penalties, as well as reputational and other risks. So how should your company handle ransomware?
While there are several security concerns that cloud users must address in the long run, here are three critical areas that must be given immediate attention, especially now as organizations are planning to scale their remote work setup, and nine best practices organizations must follow to ensure optimal safety of their cloud instances.
Traditionally, security operations centers (SOC) used tools such as endpoint detection and response (EDR), network detection and response (NDR), and security information and event management (SIEM), but as a result of the rush to remote work, many security teams have found their tools are now blind to many new and emerging threats.
With mobile usage a dominant channel going forward, authentication techniques need to move beyond two steps forward for authentication and one step backward for user experience. Just as passwords are being discarded because of the high friction they create for users, new multi-factor authentication techniques are moving in.
A recent survey conducted among consumers and IT professionals by SecureAge Technology suggests that a majority of these groups believe COVID-19 contact-tracing technologies put individuals' personally identifiable information (PII) at risk. Generally, however, both these groups believed that these types of tools could help mitigate the spread of the disease, and would support a nationwide rollout of the technology in spite of privacy concerns. So, are contact tracing apps a 'necessary evil'? If so, what can be done to make these apps safer to protect PII and the privacy of the public? Here, we talk to Paul Kohler, Chief Technology Officer (CTO) at S3 Consulting.
It’s a typical day in the Global Security Operations Center (GSOC). The anticipated chatter on the phones, radio communication, and sounds of the software giving audible alerts are all what you’ve come to expect in this busy hub of the security program.
RSS
