Stories about cyberattacks and security breaches are popping up more and more frequently in the news and it seems as though no company is immune to the sophisticated strategies hackers use to obtain high value confidential data. These data hacks result in bad PR, lost customer trust, possible fines, and potentially ruined reputations. Needless to say, it should have you questioning whether or not your data is properly protected, and the answer is — it’s probably not.
According to the Information Security Forum (ISF), with growing recognition that security awareness in isolation rarely leads to sustained behavior change, organizations need to proactively develop a robust human-centered security program to reduce the number of security incidents associated with poor security behavior.
Tim Wiseman, the University of Wyoming’s chief risk officer, has been elected to the University Risk Management and Insurance Association (URMIA) Board of Directors. Wiseman is one of two new board members selected for a three-year term.
Sumo Logic released findings from its fifth annual report. ”The Continuous Intelligence Report: The State of Modern Applications, DevSecOps and the Impact of COVID-19” provides an inside look into the state of the modern application technology stack, including changing trends in cloud and application adoption and usage by customers, and the impact of COVID-19 as an accelerant for digital transformation efforts.
Few cybersecurity components are as familiar as the next-generation firewall (NGFW) for enterprise protection. Despite this ubiquity, it is common for security teams to operate their NGFW in a suboptimal manner. The TAG Cyber team has observed, for example, that many enterprise teams operate their NGFW more like a traditional firewall. This can result in a reduction of traffic visibility, which in turn degrades prevention, detection, and response.
There is an opportunity here for IT teams to stabilize their work-from-home situations while also preparing for the future back in the office, or for many, supporting a hybrid model. Long term solutions are needed for organizational success. There are many steps that can be taken to ensure infrastructure is properly cared for and ready to be used when teams are able to return to the office.
KnowBe4 announced it is partnering with the Center for Cyber Safety and Education to launch a Women in Cybersecurity Scholarship to offer $10,000 to be applied to tuition, fees, books and required electronics for the recipient.
The Chemical Security Summit will be hosted by the Cybersecurity and Infrastructure Security Agency (CISA) in collaboration with the Chemical Sector Coordinating Council (SCC). The summit is the signature industry event for chemical representatives across the chemical and interconnected sectors—including energy, communications, transportation, and water—to learn, share perspectives, and engage in dialogue. Securing chemicals in an evolving threat environment requires cross collaboration between facility owners and operators, industry, law enforcement, community members, and all levels of government.
Facebook has fixed a critical flaw in the Facebook Messenger for Android messaging app. Natalie Silvanovich of Google’s Project Zero reported the bug to the Facebook bug bounty program. The bug could have allowed a sophisticated attacker logged in on Messenger for Android to simultaneously initiate a call and send an unintended message type to someone logged in on Messenger for Android and another Messenger client (i.e. web browser).
This month, Security magazine brings you the Security 500 Report, Rankings and Thought Leader Profiles. How does your enterprise compare to others? Which security programs are leading the way? Also this month, we highlight how to plan, prepare for and build resilience to protests and other unplanned events, video surveillance tools for SMBs and more.