Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
|
2019-05-28 12:30:03 |
Third-Party Risks Need New Approaches (lien direct) |
>Businesses need to adopt a strategic approach to managing third-party risks that provides an integrated view of the vendor relationship process.
|
|
|
|
|
2019-05-28 10:00:02 |
Interns and Social Media: A Goldmine for Hackers (lien direct) |
>A social media post from one of a company's interns was all this people hacker needed to enter a secure area with a counterfeit employee badge. Learn tips for welcoming new employees securely.
|
|
|
|
|
2019-05-27 12:35:02 |
HawkEye Malware Operators Renew Attacks on Business Users (lien direct) |
>IBM X-Force researchers report an increase in HawkEye v9 keylogger infection campaigns targeting businesses around the world.
|
Malware
|
|
|
|
2019-05-27 11:00:02 |
Is Your Company Culture Seamlessly Secure - or Just Stressful? (lien direct) |
>As security practitioners, we probably have a good grasp of technological controls. But adversarial company culture may be creating stress that keeps people from protecting our data.
|
|
|
|
|
2019-05-24 11:00:03 |
Secure Your Hybrid Cloud Environment With Visibility, Control and Flexibility (lien direct) |
>When it is implemented correctly, hybrid cloud data protection enables organizations to safeguard critical data across their choice of on-premises, public and/or private cloud services.
|
|
|
★★★★★
|
|
2019-05-24 11:00:02 |
How Would You React? What \'Killing Eve\' Can Teach Us About Social Engineering (lien direct) |
Social engineering will always be one of the easiest ways for threat actors to get what they want. So what can enterprises do to decrease the risk?
|
Threat
|
|
|
|
2019-05-23 14:31:03 |
Uncover Modern Identity and Access Management (IAM) Challenges With Enterprise Design Thinking (lien direct) |
>Identity and access management (IAM) has become increasingly challenging due to the complexity of more devices, applications, information, users and data privacy regulations.
|
|
|
★★★★★
|
|
2019-05-23 12:00:01 |
In Light of Ever-Increasing Cybersecurity Risks, Boards Must Deepen Their Oversight and Engagement (lien direct) |
>In light of a regulatory landscape that is becoming more complex and costly, boards need better insight into the organization's risk exposure and its ability to handle cybersecurity risks.
|
|
|
|
|
2019-05-22 13:00:02 |
The Cybersecurity Industry\'s Third-Party Risk Management Problem Is Rooted in Visibility (lien direct) |
Only one-third of organizations feel their processes for third-party risk management are effective. The root of the issue lies in visibility and ineffective process.
|
|
|
★★★★
|
|
2019-05-22 11:30:02 |
Here\'s Why More Security Solutions Doesn\'t Equal Better Security (lien direct) |
Security data isn't useful when it's isolated in data silos. Organizations need a simplified ecosystem of integrated security solutions to keep up with the shifting threat landscape.
|
Threat
|
|
|
|
2019-05-21 10:00:02 |
How Cyber-Secure Are Business Travelers? New Report Says Not Very (lien direct) |
>I know that open Wi-Fi is sometimes better than no Wi-Fi, which is why I always use a VPN when connecting to public networks. But not all business travelers are so careful, according to a new report.
|
|
|
|
|
2019-05-20 11:00:02 |
How to Fight Back Against Macro Malware (lien direct) |
>Per X-Force IRIS, at least 22 percent of reported campaigns in April 2019 delivered macro malware. What methods can defenders leverage to help detect malicious macro activity?
|
Malware
|
|
|
|
2019-05-17 15:20:02 |
Hunt With Intention: Why You Should Adopt Threat Hunting and How to Get Started (lien direct) |
>Hackers today are more sophisticated and coordinated than the dark, hooded figures often portrayed in movies. Threat hunting is critical to spot threats before they cause damage on the network.
|
Threat
|
|
★★
|
|
2019-05-16 12:00:02 |
The Decline of Hacktivism: Attacks Drop 95 Percent Since 2015 (lien direct) |
>Despite the rise in vulnerability reporting, cryptojacking attacks and attacks on critical infrastructure, one threat trend has been on the decline: hacktivism. Where have all the hacktivists gone?
|
Vulnerability
Threat
|
|
|
|
2019-05-15 19:30:02 |
Get Ahead of Cybersecurity AI Maturation by Building a Cognitive SOC (lien direct) |
>Cybersecurity AI is approaching maturity. Are you prepared to defend against a new wave adversarial machine learning risks?
|
|
|
★★
|
|
2019-05-14 14:00:04 |
Security Awareness Training Should Always Lead to Changes in Behavior (lien direct) |
>It's important to recognize that a core outcome of security awareness and training efforts needs to be changing behaviors.
|
|
|
|
|
2019-05-13 15:15:02 |
Meanwhile at the Plant…The Realities of Operational Security in the Age of Connected Machines (lien direct) |
>As OT environments, especially with legacy systems in place, become increasingly connected, they may inherit OT security risks that were previously the domain of the IT environment.
|
|
|
|
|
2019-05-13 12:00:04 |
How a Quirky Gmail Feature Led to a Phishing Scare and a Valuable Lesson in Email Security (lien direct) |
>What began as a moment of panic in the wake of what I thought was a phishing attempt ended up being a valuable lesson about a quirky Gmail feature and how it impacts the email security landscape.
|
|
|
★★★★
|
|
2019-05-13 12:00:02 |
NIST Proposes Privacy Framework to Help Make Sense of Global Privacy Regulations (lien direct) |
>Organizations that approach privacy regulations strategically stand to gain a competitive edge when it comes to building and retaining customer trust.
|
|
|
|
|
2019-05-10 11:00:02 |
4 Information Security Slipups From \'Star Trek: Discovery\' to Avoid in the Enterprise (lien direct) |
How does Star Trek's information security stack up against current cybersecurity hygiene best practices? Turns out the future's not so bright.
|
|
|
|
|
2019-05-09 11:00:02 |
Measuring the Value of Your Unified Endpoint Management (UEM) Investment (lien direct) |
>According to Forrester, unified enpoint management enables customers to initiate a low-touch, no-touch process that reduces the time and effort needed to configure endpoints by as much as 96 percent.
|
|
|
|
|
2019-05-08 13:00:02 |
Beyond 2FA: Secure Your Critical Assets With Risk-Based Multifactor Authentication (lien direct) |
>Passwords have become an insecure and cumbersome form of authentication. Learn about risk-based multifactor authentication, an approach to access management that uses context to determine risk.
|
|
|
|
|
2019-05-08 12:30:04 |
AppSec Insights From Think 2019: Four Steps to Optimize Your Application Security Program (lien direct) |
>Whether you're a small startup or an international enterprise, a successful application security program involves more than just scanning for vulnerabilities.
|
|
|
|
|
2019-05-07 13:35:01 |
Putting the \'S\' in IoT: How to Make Internet of Things Solutions Secure by Design (lien direct) |
When developing and deploying internet of things solutions, achieving security by design is not as simple as picking a secure development life cycle (SDLC) framework and shifting your security left.
|
|
|
★★★★
|
|
2019-05-07 12:30:02 |
How to Make Third-Party Risk Management Second Nature (lien direct) |
>Organizations that sleep on third-party risk management could unknowingly expose their systems to remote attacks, access risks and more.
|
|
|
★★★★★
|
|
2019-05-06 12:00:02 |
Why You Should Constantly Enrich Security Culture Throughout Your Organization (lien direct) |
>Here's what you need to know about organizational security culture - and how to plan for and inspire a better one.
|
|
|
|
|
2019-05-06 11:00:02 |
High Stakes, Rising Risks: The Ripple Effects of Cybersecurity in the Healthcare Sector (lien direct) |
>Is providing effective cybersecurity for the healthcare sector an IT problem or a wider-scope issue? The short answer is that it's both.
|
|
|
|
|
2019-05-02 16:00:02 |
Published Exploits for Accessing SAP Systems Put Security Teams on Alert (lien direct) |
>Researchers published two pieces of exploit code that can allow anyone to interact with an organization's SAP enterprise resource planning platform and perform unauthorized transactions.
|
|
|
|
|
2019-05-02 13:55:02 |
Exploring Ponemon Data: After 4 Years, Is Security Satiated With False Confidence? (lien direct) |
>The "2019 Ponemon Institute Study on the Cyber Resilient Organization" found that although security leaders are more confident in their cyber resilience, they are still overlooking critical areas.
|
Guideline
|
|
|
|
2019-05-02 13:45:01 |
Everything Is Best When It Comes to Cybersecurity Best Practices (lien direct) |
>How can security professionals keep up with cybersecurity best practices without taking too much time away from other responsibilities?
|
|
|
|
|
2019-05-01 15:15:02 |
Are Companies Doing Enough to Secure PII? I Spoke With Security Expert Frank Abagnale to Find Out (lien direct) |
For the enterprise responsible for protecting customers' PII, should passwords be stored at all - even encrypted?
|
|
|
|
|
2019-05-01 12:00:03 |
Penetration Testing Versus Red Teaming: Clearing the Confusion (lien direct) |
>There is some confusion in cybersecurity as to the difference between penetration testing and red teaming. Since all businesses have vastly different security needs, the distinction is critical.
|
|
|
|
|
2019-04-29 14:15:02 |
Facial Recognition, Deepfakes and Biometric PII: Preparing for a Future of Faceless Threats (lien direct) |
>As facial recognition technology advances, bad actors will have more biometric data with which to create deepfake images, videos, sounds and more. Is the security community prepared for this threat?
|
|
|
|
|
2019-04-29 12:00:03 |
5G Will Change How We Manage Mobile Security - Here\'s How to Start Preparing (lien direct) |
The rollout of 5G technology could forever change how we manage mobile security, posing an entirely new set of risks we have not handled before.
|
|
|
|
|
2019-04-26 12:30:03 |
Why You Need a Healthy Mix of Security Analytics to Investigate Threats (lien direct) |
>Effective threat management requires security teams to combine various sources of security analytics with machine-generated data to investigate incidents with speed and accuracy.
|
Threat
|
|
|
|
2019-04-26 11:30:02 |
Rethinking the Industry\'s Approach to the Cybersecurity Skills Gap (lien direct) |
Until now, we've looked at the cybersecurity skills gap in a very broad sense, as if all security jobs and needs are equal. Maybe it's time we look at the skills gap problem in different ways.
|
|
|
|
|
2019-04-25 12:50:01 |
Zero Trust: Why Your Most Privileged Users Could Be Your Biggest Security Weakness (lien direct) |
>Organizations that do not apply the zero trust model to protecting privileged users open themselves up to attacks by threat actors looking to access sensitive systems and networks.
|
Threat
|
|
|
|
2019-04-25 12:45:01 |
Set Expectations and Boundaries With Your Security Program to Minimize Risk (lien direct) |
>Good communication, clear expectations and enforced boundaries are all key to the success of your security program.
|
|
|
|
|
2019-04-25 10:00:04 |
Industrial Control Systems Security: To Test or Not to Test? (lien direct) |
>According to X-Force Red data, the number of vulnerabilities exposing industrial control systems has increased 83 percent since 2011. Should organizations test them and risk destabilizing operations?
|
|
|
|
|
2019-04-24 12:00:02 |
Don\'t Let Vulnerabilities Leave You Taxed - Refund Customer Trust With Application Security (lien direct) |
How an organization handles application security goes a long way in determining whether it will be "taxed" by vulnerabilities in production or receive a nice refund of their customers' trust.
|
|
|
|
|
2019-04-24 11:00:02 |
Long Live the Password - Even if You Don\'t Want It To (lien direct) |
To reduce the risk of a breach due to weak or stolen passwords, companies are adopting multifactor authentication, which requires users to submit an extra piece of data in addition to their password.
|
|
|
|
|
2019-04-23 12:00:02 |
Mobile Security Risks Are on the Rise, But Employers Continue to Cut Corners (lien direct) |
>While smartphones and tablets have become more ubiquitous in the workplace, organizations are flat out ignoring mobile security risks.
|
|
|
|
|
2019-04-23 10:00:02 |
How IBM X-Force IRIS Prepared for the Ukraine Election (lien direct) |
>Before the first round of the Ukraine election in March, we decided that we couldn't afford to sit on our heels until an attack was launched.
|
|
|
|
|
2019-04-22 12:50:02 |
What\'s the Best Way to Build Digital Trust? Show Your Customers You Care About Their Data Privacy (lien direct) |
Focusing on data privacy can have major benefits, including enhanced security, improved compliance and business growth - not to mention increased digital trust among your customer base.
|
|
|
|
|
2019-04-19 12:00:02 |
Mobile Security Versus Desktop and Laptop Security: Is There Even a Difference Anymore? (lien direct) |
>Do you remember your first mobile phone, and the newfound feelings of connectedness and convenience that came with it? Nowadays, are these devices really phones or are they computers? Labels matter.
|
|
|
|
|
2019-04-18 12:30:04 |
In Such Transformative Times, the CISO Is Key to Delivering Digital Trust (lien direct) |
>Ensuring organizations adapt while also retaining a high level of digital trust is exactly where the chief information security officer (CISO) can help.
|
|
|
★★★★
|
|
2019-04-18 12:30:02 |
Level Up Security Operations With Threat Intelligence Cheat Codes (lien direct) |
>Like the video game industry, security has shifted toward unified platforms, and contextual threat intelligence is the cheat code SOC teams need to defeat the bosses standing in the way of security.
|
Threat
|
|
★★
|
|
2019-04-18 11:00:02 |
Challenges and Opportunities to Close the Cybersecurity Gap in the Financial Services Industry (lien direct) |
>For the financial services industry, being transparent and demonstrating a mature, integrated business and security model is critical to build trust in today's evolving threat landscape.
|
Threat
|
|
|
|
2019-04-17 19:40:02 |
Automation in Cyber Resilient Organizations: Key Findings From 2019 Ponemon Study (lien direct) |
>A recent Ponemon study revealed a set of habits and practices that the most cyber resilient organizations undertake, such as adopting automation for tasks that don't require human oversight.
|
|
|
|
|
2019-04-17 12:45:01 |
How to Defend Your Organization Against Fileless Malware Attacks (lien direct) |
>Fighting fileless malware attacks will take some serious effort and careful coordination among a variety of tools and techniques.
|
Malware
|
|
|