Maybe you already have a security information and event management (SIEM) service and you are looking for help managing it. Maybe you are thinking of buying a SIEM and concerned it might be too much to handle on your own. Or maybe you are using a managed security service provider (MSSP) and thinking of gaining more control of your data by working collaboratively in your SIEM rather than letting them do all the work. Here are the most common myths, along with the realities of co-managed security event management.
Over the past decade we’ve seen an increase in consumer grade IoT devices, but the security of those devices hasn’t always kept pace with the realities of the cyber threats targeting what is arguably an unmanaged computing device. These cyber threats are made more concerning when the expected lifespan of the device is factored in. After all, dishwashers, thermostats and doorbells aren’t devices like smartphones where there is social pressure to have the latest version.
As CSO of Auth0, Joan Pepin is responsible for the holistic security and compliance of the company's platform, products, and corporate environment. Here, we talk to Pepin, who has focused her time on mentoring and advocating for women in cybersecurity and technology, working to reconstruct the notion that women should only work within their bounds, and encouraging women to reach higher and challenge the status quo. She actively supports, advises, and works alongside women in the cybersecurity industry including participating in organizations, like Women Who Code and Women in InfoSec.
Any apparent election interference from countries like Iran and Russia is typically met with partisan posturing. But while politicians are busy debating which candidate might benefit, there’s a good chance that someone, somewhere, is trying the same thing again right now.
Foreign interference like the recent incident announced by the U.S. Director of National Intelligence John Ratcliffe is more common than ever because no online data is completely safe from hackers, and digital data is valuable for what it reveals.
There are a number of factors to consider when assessing, planning, designing, deploying, and operating any airspace surveillance, and/or integrated ground and airspace security system. Many of the security process elements tip into sensor requirements and, as a recent Interagency Advisory helpfully noted, some of the sensors provide functionality that is itself illegal.
All of these issues organizations are dealing with at the same time are threatening corporate security and the safety of our employees and executives. To address these situations, we need to know what steps we can take - and take quickly - to ensure our clients are safe and their business operations continue through these exceedingly complicated times.
Defending against insider threats is one of the biggest challenges an organization can face, and the COVID-19 pandemic has only made detection more challenging as remote employees continue to use virtual private networks (VPNs) to access sensitive company files and information. Here, we talk to Carolyn Crandall, Chief Deception Officer at Attivo Networks, to discuss how security teams can use deception technology to detect and prevent insider threat attacks.
Faced with this ransomware onslaught, organizations of all kinds need to rethink how they protect themselves. Part of that rethink means merging the need to provide better privacy protection for their employees with the necessity to protect themselves from the consequences of a ransomware attack exposing both customer and employee data. With federal agencies signaling the possibility of fines for complying with ransomware demands and the liability from exposing personally identifiable data likely to rise significantly, not doing so will soon be too costly to consider.
While traditionally seen solely as a private problem, domestic violence has the potential to significantly impact workplace safety and productivity, and as the line of work-home-life balance continues to blur for many during COVID-19, companies should be on top of their domestic violence response plans to aid and support employees.
Attacks within digital communications channels (like Slack, TEAMS, Twitter, Facebook, LinkedIn) have grown more targeted, more social engineering-focused, and the payloads have become "softer,” and the risks are not in files and links/IP's alone anymore. Instead, recent attacks are laser-targeted and evade traditional detection by focusing on human connections. To find out more about these “soft attacks,” we talk to Otavio Freire, CTO, President & Co-Founder SafeGuard Cyber.
RSS
