One of the challenges of becoming a resilient organization is understanding exactly what that means. Resilience is interpreted and implemented in many different ways and today’s global business environment likely won’t change that anytime soon. Understanding the differences in how resilience is understood and implemented in companies across all sectors and geographies is helpful for your team's own journey to resiliency.
Just like every company in the business world, cybercriminals are looking to boost their sales. With ransomware, they’ve found a way to force victims to pay. And in their quest, cyber attackers are borrowing a playbook from sales teams in legitimate businesses.
As the cybersecurity community slowly recovers from the SolarWinds Orion breach, we speak to Michael Bahar, a leader in cybersecurity and privacy, about the aftermath of this attack. Bahar is a partner in the Washington D.C. office of Eversheds Sutherland (U.S.) LLP, and the firm’s Litigation practice. He was Deputy Legal Advisor to the National Security Council at the White House, former Minority Staff Director and General Counsel for the U.S. House Intelligence Committee, and a former Active Duty Navy JAG.
An example of how businesses are benefitting from integrated cloud-based systems can be found in the retail industry. Retail end users have integrated their security camera network, heat-mapping and video analytics technology with a cloud-based system so they can remotely monitor who is in their store. The heat-mapping and analytics technology also shows where customers are spending the most time in the store, giving retailers insight into where they can place specific item displays or promotional items. This information can also be used to determine whether a specific location in a store needs additional signage to encourage social distancing, or increased camera coverage. The practical applications of integrated cloud-based systems and other security technology are nearly endless.
Any server connected to the internet is at risk of getting attacked by hackers. Penetration testing, or pentesting, simulates a DDoS attack in a controlled environment with ethical hackers to assess the risk exposure of the servers. Organizations can use pentesting to identify vulnerabilities in the system and work to resolve any risks. Let's discuss how to design and build a robust and comprehensive pentesting program.
If the experiences of 2020 taught us anything, it’s that risk in the modern world cannot be understood or sufficiently mitigated with a siloed approach. Individual threats, such as regulatory risk and IT security, converge. Lacking a high-level view, it’s difficult to see the web of cause and effect – making it more difficult to anticipate, prepare, or mitigate the biggest risks. 2020 may be over, but the challenges remain in 2021. Compliance and risk management will need a shared umbrella of information and communication to tackle the complex, integrated risks of today’s landscape.
A combination of factors is likely to keep the world on this path of social unrest in the near term. An atmosphere of social unrest has potential consequences at the enterprise level in terms of risk, resiliency and business continuity. Here are five concrete steps security leaders can take to prepare for or reevaluate their existing response plans.
The complexities of corporate security call for truly global visibility and situational awareness. To get there, GSOCs should consider adopting a program of threat intelligence and digital risk protection (DRP) to keep digital assets safe.
Virtual platforms are a great tool to bring people together. And at least initially, virtual backgrounds were fun. Many of us used virtual backgrounds to redecorate our homes, try out new styles and show off some of our personal interests. But the trend now seems to be shifting. My experience is that people are now increasingly using real backgrounds for virtual meetings. Both virtual and actual backgrounds are acceptable during online meetings. However, there are at least four important things that work-from-home warriors should consider when choosing to share their real backgrounds given that many of us are still working from home offices.
Every week there seems to be a news story about another massive data breach with millions—and sometimes billions—of records containing personal data lost or stolen. We regularly hear about cyberattacks involving brute-forcing secure logins or exploiting software flaws, but there’s a new segment of the cybercriminal economy that’s growing fast: attackers who target companies that have unintentionally left data out in the open via misconfigured databases.