What’s your security story? How to use security as a sales tool

Security teams often believe that their job is security, not process efficiency, and definitely not business profitability. And subsequently they are viewed as technical risk managers tasked with prevention instead of growth, compliance in place of strategy, and implementing technical solutions instead of encouraging culture change. Information security is perceived as a cost center, and […]

Avoiding the Ransomware Mistakes that Crippled Atlanta

Last month, five of Atlanta’s 13 government offices were “hijacked,” as the city’s mayor put it, by ransomware that disrupted far-reaching facets of the city’s digital infrastructure. This was hardly an isolated incident. From Dallas to Denver, hackers leveraging ransomware have been able to “hijack” municipal networks largely because these entities were poorly protected. Atlanta was an […]

Improving Security By Pulling The Plug On USB Ports

When it comes to cybersecurity, it’s no secret that the human aspect of any organisation is its weakest link. From bad password sharing practices to falling victim to phishing emails, these challenges are any CISO’s nightmare. After all, the holes in network security that are created by the people on the front line of an […]

HTTP Injector Steals Mobile Internet Access

A new attack in the wild leans not on email nor ransom, but on YouTube, Telegram, and HTTP headers intended to confuse an ISP. Researchers at Flashpoint found that hackers have developed HTTP injectors that gain them free Internet access on mobile phone networks — and that they’re trading these injectors like cents-off coupons at […]

How many can detect a major cybersecurity incident within an hour?

Less than half of all organizations were able to detect a major cybersecurity incident within one hour. Even more concerning, less than one-third said that even if they detected a major incident, they would be unable to contain it within an hour, according to LogRhythm. The study, conducted by Widmeyer, which surveyed 751 IT decision makers […]

4 steps to creating a winning cybersecurity strategy in 2018

Most organizations are in the phase of rapidly gearing up to contain and manage cybersecurity threats. The question is how and where to begin? In many ways the US Federal Government went through this same difficult phase in 2015 due to the OPM data breach. There are some worthwhile lessons to be learned­­. One of the key […]

6 Myths About IoT Security

There’s every reason to be concerned about the potential of an IoT system, sensor, or device being hacked in the enterprise or a user’s home office. These devices regularly are exposed for their vulnerabilities, and most are not built with security in mind. An attack via an IoT device can blindside an organization: Take the […]

Information security can enable business as soon as we change the conversation

Information security is an enabler for business. This has been a mantra for some time, and although it is repeated at major conferences, the reality is that the lack of good security practices is more a disabler. Our demands for better security and privacy controls are often reflected in case studies in which the failings […]

100% of web applications vulnerable to attack, despite billions spent on security efforts

Companies will spend an estimated $96 billion on cybersecurity efforts in 2018, but 100% of web applications remain vulnerable to attack, according to Trustwave’s eleventh annual Global Security Report, released this week. The report examined how the cyber threat landscape has evolved in the past decade. In 2008, the largest cyber threats were opportunistic, with attackers trying […]

Once a target, always a target: If you’re hit by hackers you’re likely to be hit again

If you’re unlucky enough to fall victim to hackers, you’re likely to fall victim to a similar cyber-attack or data breach in the months following the initial problem. According to the newly-released FireEye M-Trends annual report for 2018, 56 percent of organisations that were targets of a significant attack in the last year and a half […]