Cybersecurity

RSS

While the concept of Zero Trust was created 10 years ago, the events of 2020 have thrust it to the top of enterprise security agendas. How should organizations go about applying the Zero Trust blueprint to address their new and complex network reality? These five steps represent the most logical way to achieve Zero-Trust networking.

The U.S. Department of Justice (DOJ) has charged six computer hackers, all of whom were residents and nationals of the Russian Federation (Russia) and officers in Unit 74455 of the Russian Main Intelligence Directorate (GRU), a military intelligence agency of the General Staff of the Armed Forces. The group is believed to be part of one of Russia's most elite and secretive hacking groups, known as Sandworm.

The restaurant group that owns more than 80 locations was dealing outdated legacy hardware and changing regulations, which posed a challenge for a 45-year-old company like Thrive. Unreliable CCTV equipment left the restaurants vulnerable to security risks. Constantly evolving PCI-compliance rules meant the company had to devote hours of his limited bandwidth to keeping up with the latest changes and updates so Thrive could avoid major penalties and security threats.

This study looked at the most desired certifications, skills and positions right now that organizations are looking for with cybersecurity positions.

But at many businesses, the company security posture hasn’t kept pace with the volume of data flowing to and from multiple SaaS vendors. It’s an urgent issue in an environment where endpoints are proliferating and hacking techniques are getting more sophisticated. That’s why it’s never been more urgent to upgrade the security posture and reduce the risks associated with SaaS solutions.

AppOmni released findings of their latest survey highlighting the security concerns of cloud SaaS applications as they become more essential for enabling remote workers.

The National Security Agency (NSA) announced the release of SkillTree, an internally-developed open source solution for gamifying user training. SkillTree provides a systematic and interactive way to promote user proficiency of an existing application. The service is based on industry best practices using gamification to provide awareness of tool features, promote best practices, and document user progression and expertise. By reducing an application’s training curve, SkillTree reduces traditional comprehensive training costs while providing a more enjoyable experience for the user.

The responses reveal deep divisions in how differently security execs are responding in the face of real business continuity challenges posed by the pandemic. For example, 26% of CISOs surveyed have introduced more stringent endpoint security and corporate access measures since the arrival of the pandemic, while 35% have relaxed their security policies in order to foster greater productivity among remote workers; 39% have left their security policies the same, according to a new study.

Proactive cybersecurity programs include comprehensive activities that involve not only the IT and security teams, but also the CEO and boards of directors. Examples of key proactive activities include identifying risk tolerance, defining governance structures, and developing comprehensive security strategies. Throughout this article, we will review key domains where organizations can proactively fortify their cybersecurity measures. COVID-19 has increased threat activity and created unique changes — and increased risk — in IT environments. Now is the time to review some “quick hit” areas where you can bolster your cybersecurity and execute your winning strategy.

Purdue University is offering new cybersecurity short courses in social engineering and digital forensics as part of a growing suite of offerings through the Purdue Polytechnic Institute’s Cyber Education Network Training Resources (CENTR).