What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2020-09-25 11:00:00 | Security-First Culture: Break Company Barriers With a Language That Works (lien direct) | A security-first culture means conveying cybersecurity needs throughout the enterprise, but it isn’t easy to maintain. Communication can be hard no matter who you’re working with. For many IT teams, the profit-and-loss conversation doesn’t come naturally. But these teams need to communicate with executives in order to get the resources they need to protect the […] | |||
|
2020-09-24 12:00:00 | Automotive Cybersecurity: New Regulations in the Auto Industry (lien direct) | Connected car data security becomes key as automakers enable advanced communications and safety features. With this increased connectivity comes greater automotive cybersecurity risks, too. In fact, the number of automotive cyberattacks has risen sharply. The average car today contains up to 150 electronic control units and about 100 million lines of software code. That number is […] | |||
|
2020-09-23 16:00:00 | A Recipe for Reducing Medical Device Internet of Things Risk (lien direct) | You may recall this blog post from March 2020. It highlighted the importance of factoring in clinical, organizational, financial and regulatory impact when determining which medical Internet-of-Things (IoMT) security vulnerabilities should be fixed first. Consider this post a part two. Whereas the previous post focused on the fact that IoMT devices are here to stay […] | |||
|
2020-09-23 15:30:00 | CORS: How to Use and Secure a CORS Policy with Origin (lien direct) | CORS (Cross-Origin Resource Sharing) enables resource sharing that pulls data from a lot of different sources. Like any relatively open aspect of the internet, it can be a risk. Learn how to test your web applications to create a secure CORS policy. Origins and Key Concepts CORS began as a way to make application resource […] | |||
|
2020-09-22 19:30:00 | Uncover Return on Investment From Using a SOAR Platform (lien direct) | When a cybersecurity attack happens, people may be tempted to react impulsively. Instead, security leaders should take a proactive approach. Carefully considering the long-term effects of actions on resources and security posture becomes easier with the right tools. Using a Security Orchestration, Automation and Response (SOAR) platform from day one can help your organization be […] | Guideline | ||
|
2020-09-22 10:01:00 | Today\'s Risk Assessment Goes Beyond Prediction to Intelligence (lien direct) | Risk assessment helps organizations identify, reduce and manage risks to prevent their re-occurrence. To do this, they need to spend a large amount of their IT budget on technologies and processes to find and assess those risks, determine their impact and spend considerable effort to fix them. Additionally, the increased reliance on third-party vendors to provide […] | |||
|
2020-09-22 10:01:00 | Taking the Risk Out of Mergers and Acquisitions (lien direct) | In the post-COVID-19 economy, cyber risk and cybersecurity will play a central role in unlocking mergers and acquisitions (M&A) deal valuations. While economic uncertainty has contributed to a decline in M&A activity in the first half of 2020, many analysts expect an increase in deals during 2020-21 based on several conditions. The Mergers and Acquisitions […] | |||
|
2020-09-17 15:00:00 | Creating Brand Trust: A Key Currency for Business (lien direct) | This is the first in a blog series about building and maintaining brand trust. Brand trust has always been valuable for business, but the ways to develop it have changed a lot in the digital age. I’ve seen a dramatic shift in the last twenty years while I’ve worked in technology and development. In terms […] | ★★★ | ||
|
2020-09-17 10:00:00 | A New Botnet Attack Just Mozied Into Town (lien direct) | A relatively new player in the threat arena, the Mozi botnet, has spiked among Internet of things (IoT) devices, IBM X-Force has discovered. This malware has been active since late 2019 and has code overlap with Mirai and its variants. Mozi accounted for nearly 90% of the observed IoT network traffic from October 2019 through […] | Malware Threat | ★★★ | |
|
2020-09-17 00:11:14 | Risk Management: How Security Can Learn to Do the Math (lien direct) | Risk management is an important element in using data to get ahead of cybersecurity risks before they happen. The costs of protecting an enterprise of any size against cyber attacks continue to rise. Once a business truly understands the consequences of an incident, its leaders must decide how to manage the risk. They can choose to […] | Guideline | ||
|
2020-09-16 12:30:00 | Back to Basics: Creating a Culture of Cybersecurity at Work (lien direct) | The importance of security culture can be seen now more than ever. Many of us work remotely; there are app concerns; and the lines between personal and business use of devices and networks are blurred, challenging our cyber resilience. Therefore, despite all the great tools, frameworks and protective measures in place, we need to ensure people […] | |||
|
2020-09-14 13:00:00 | Jackpotting Reveals Openings in Proprietary Software (lien direct) | Jackpotting, an older ATM theft technique, could show security operations team members what to look out for when it comes to Internet of things (IoT) attacks in general, and even election machine vulnerabilities. This technique first entered the U.S. cybersecurity lexicon in 2018, when Brian Krebs warned of attacks at American ATMs. Jackpotting, Krebs explains, […] | ★★★ | ||
|
2020-09-09 13:00:00 | Creating a Cybersecurity Culture Starts With Your Team (lien direct) | As cyberattacks become more prevalent and sophisticated, companies must put more faith in their employees to make sure they don’t put data at risk or fall victim to ransomware. But, employees are busier than ever. And, creating a cybersecurity culture at work becomes both more important and more challenging when employees work at home. Creating […] | |||
|
2020-09-08 10:30:00 | Data Breach Protection Must Include Physical Security (lien direct) | If most of your business’ data and workloads are handled on public clouds, it can be easy to forget about the onsite servers. With office buildings empty, employees may assume the servers are protected by the same physical security as the rest of the facility. However, physical security has its own considerations, and paying careful […] | Data Breach | ||
|
2020-09-04 13:00:00 | Ransomware Attacks: How to Protect your Data With Encryption (lien direct) | Cybercriminals are making headlines using ransomware to block organizations from accessing their own critical business data to extort ransoms. Recently, the University of California San Francisco fell victim to a ransomware attack on key academic and research data (the institution is known to be working on a cure for COVID-19) and ended up paying over […] | Ransomware | ||
|
2020-09-04 11:30:00 | Incident Response: 5 Steps to Prevent False Positives (lien direct) | False positive alerts in your threat intel platform can leave your team scrambling. It’s like driving to the wrong address. You reach a place, but also waste time you could have used at your intended destination. For security teams, knowing how to screen for false positives saves time and makes the team more efficient at […] | Threat | ||
|
2020-09-03 18:00:00 | Under Attack: How Threat Actors are Exploiting SOCKS Proxies (lien direct) | From the basic building blocks of the internet to cryptocurrency mining on a supercomputer, SOCKS sits at the core of computing. A SOCKS proxy can be used to improve network security in an enterprise, but can also be exploited by cybercriminals for nefarious reasons. Take a look at how SOCKS proxies have been manipulated recently […] | Threat | ||
|
2020-09-02 19:29:36 | SOC 2.0: A Guide to Building a Strong Security Ops Team (lien direct) | In a security operations center (SOC), your cybersecurity tools are only as good as the people using them and your SOC’s culture. What are the critical SOC roles? What qualities should you look for when hiring for them? And, what should you expect from a cybersecurity career? Drawing from my experience working in IBM Security’s […] | |||
|
2020-08-31 13:30:00 | CIAM: Building Blocks to Consumer IAM Success (lien direct) | Consumer identity and access management (CIAM) is the connective technology between consumers and brands. CIAM is an important consideration when navigating routes to market for your products and services. A consumer’s journey navigating solutions to problems is where you can leverage the CIAM building blocks — capture, engage, manage and administration — for more personalized […] | |||
|
2020-08-31 12:00:00 | Learn How to Secure Personally Identifiable Information, Now (lien direct) | As more work shifts to remote, organizations continue dealing with security challenges. Employees are now connecting to internal network resources from varied devices, and many may be connecting with personal devices. Working from off-site locations presents more chances for accidental and malicious data disclosure alike. Protecting personally identifiable information (PII) in difficult environments becomes ever […] | |||
|
2020-08-27 11:00:00 | 4 Steps to Consider When Starting a New Cybersecurity Career (lien direct) | At a time when layoffs are painfully common, now might not seem like a great time to look for a new job or switch careers. Or, is it? The cybersecurity skills gap has not gone away, and companies of all kinds are in need of people with knowledge in this area. And, it’s not just […] | |||
|
2020-08-26 12:30:00 | Leverage Automation Successfully as Part of a Broader SOAR Strategy (lien direct) | In a previous article, we explored common misconceptions about automation and the realities of using automation to improve security. This article discusses automation best practices as part of an overall Security Orchestration, Automation and Response (SOAR) strategy. Being fully aware of the pitfalls of automation helps frame best practices and provide greater context. Recognizing that […] | |||
|
2020-08-25 10:30:00 | Cybersecurity Operations: 5 Ways to Cut Costs Without Pain (lien direct) | Cybersecurity frameworks are notoriously expensive to build and maintain. And, business leaders are frequently dissatisfied with their effectiveness. According to research conducted by the Ponemon Institute, enterprises spend an average of $2.86 million per year on their in-house security operations center (SOC), with more than half of those costs allocated to labor. Yet, barely more than […] | Guideline | ||
|
2020-08-24 11:45:00 | How Can Enterprises Protect Personally Identifiable Information? (lien direct) | With data breaches often appearing in the news, customers and enterprise leaders alike may be concerned that the enterprise isn’t doing enough to protect customers’ personally identifiable infomation (PII). As today’s chaotic economy makes for a hungry threat landscape, what methods can the enterprise apply to better protect the increased PII data flow? In some […] | Threat Guideline | ||
|
2020-08-21 11:00:00 | When Your Heartbeat Becomes Data: Benefits and Risk of Biometrics (lien direct) | Knowing who your users are today is more important than ever. This explains, in part, why integrating biometric usage into identity and access management (IAM) appears appealing. Throw in some artificial intelligence (AI) to help manage all these data points, and the future of biometrics looks pretty wild. The appeal of using biometrics for identity […] | |||
|
2020-08-20 19:23:01 | Automation Realities in the Context of SOAR (lien direct) | Anyone who has spent time on repetitive, manual tasks understands how tedious and cumbersome this work can be and how errors are commonplace. If only machines could do this work for us. This is the promise of automation: the application of technology, programs, robotics or processes to achieve outcomes with minimal human input. Automation makes formerly arduous, […] | |||
|
2020-08-20 12:00:00 | Your Newest Cybersecurity Professional Is Already in Your Company (lien direct) | The cybersecurity talent gap is real. The 2019/2020 Official Annual Cybersecurity Jobs Report predicts that there will be 3.5 million security jobs left unfilled globally by 2021. The cybersecurity profession hit a 0% unemployment rate and the pay is good. So, why are security leaders struggling to fill positions? It could be because they are […] | Guideline | ||
|
2020-08-20 11:30:00 | Digital Transformation: Breaking Down Silos for Better Data Security (lien direct) | Today, enterprises are under pressure to improve the power and reduce the cost of running mission-critical business applications by migrating to modern software architectures. By breaking down the silos between adjacent teams and the tools they use, security teams can do this at the same time as they take steps toward zero trust and true […] | |||
|
2020-08-19 10:00:00 | New Vulnerability Could Put IoT Devices at Risk (lien direct) | Society relies so heavily on technology that the number of internet connected devices used globally is predicted to grow to 55.9 billion by 2025. Many of these devices span parts of Industrial Control Systems (ICS) that impact the physical world, assist us in our daily lives at home and monitor and automate everything from energy […] | Vulnerability | ||
|
2020-08-18 10:10:00 | Don\'t Remove Stalkerware Before Reading This Article (lien direct) | Stalkerware is technically software with malicious intent, but security professionals should treat it as a different beast from other malware. Stalkerware is an app or apps that someone else can install on your device to intercept text messages and phone calls, send call logs, record web browsing activity and keystrokes and even access your location. […] | |||
|
2020-08-17 14:16:52 | UEM tackles remote work: \'2020 Gartner Magic Quadrant for Unified Endpoint Management Tools\' (lien direct) | As summer winds down, unified endpoint management (UEM) is starting to heat up. Gartner just introduced the 2020 Gartner Magic Quadrant for Unified Endpoint Management, the newest (and third) edition of its annual research report. Per our understanding, the 2019 edition focused on, among other things, the evolution of mobile device management (MDM) and enterprise […] | |||
|
2020-08-17 11:00:00 | How to Ensure Secure and Complete Data Destruction (lien direct) | Data security means keeping data out of the wrong hands. This is especially important when storage media is no longer usable and needs to be decommissioned. The data must be truly destroyed, for both security and compliance. The trouble is ‘deleting’ data doesn’t really delete data. It’s still possible to extract data from a device that […] | |||
|
2020-08-17 11:00:00 | Threat Modeling in a Container Environment (lien direct) | As organizations turn to hybrid solutions, an increasing number of businesses are turning to container orchestration to provide a seamless solution to computing between environments. “Containers are units of software in which the code and all its dependencies are packed, allowing applications to run quickly and efficiently from one computing environment to another,” Container Journal explains. […] | Threat | ||
|
2020-08-17 10:00:00 | New Ponemon Report: A Programmatic Approach to Vulnerability Management for Hybrid Multicloud (lien direct) | X-Force Red is unveiling a new research study, conducted by the Ponemon Institute, that highlights vulnerability management challenges for on-premises and cloud environments: in other words, hybrid multicloud. The report, “The State of Vulnerability Management in the Cloud and On-Premises,” is based on a global survey of 1,848 IT and IT security professionals in North […] | Vulnerability | ||
|
2020-08-14 14:44:35 | Safeguarding Health Care Services During COVID-19 With Dr. Saif Abed and Dan Taylor (lien direct) | Health care organizations are coming under increased pressure from COVID-19. At the same time, they’re trying to expand digital services to patients and fend off more cyber threats. In order to gain insight into what health care organizations can do, I interview Dr. Saif Abed with The AbedGraham Group and Dan Taylor, associate partner for […] | |||
|
2020-08-12 10:50:00 | Help Reinforce Privacy Through the Lens of GDPR (lien direct) | The General Data Protection Regulation (GDPR) marked its two-year anniversary in May 2020 as one of the “toughest privacy and security” regulations, according to the European Union. GDPR has triggered a global movement of maturing privacy and data protection laws with stricter requirements. Meanwhile, the global COVID-19 pandemic is affecting day-to-day reality. While organizations were […] | |||
|
2020-08-11 11:25:00 | Questions to Ask When Conducting Single Sign-On Enrollment (lien direct) | Instead of asking employees to input passwords every day, single sign-on (SSO) offers a simplified but secure authentication process. SSO authentication gives a user the option of choosing a single set of credentials to access multiple accounts and services. So, how can organizations best use SSO for their purposes? This authentication scheme works with the […] | |||
|
2020-08-11 10:45:00 | Data Democratization: Balancing Risk vs Reward Through Data Governance (lien direct) | Expanding employees’ access to the company’s data, known as data democratization, can be controversial. A more open attitude to data within the enterprise can give people the tools to fuel innovation and improve their bottom lines. However, it also can pose problems with security if not properly rolled out. As businesses work towards unleashing the […] | |||
|
2020-08-10 11:00:00 | Vendor Management: 7 Tips for Security During Remote Work (lien direct) | Third-party vendor management can be a risk to an organization’s data and network security. Enterprises depend on vendors to use security best practices that meet company standards while using their services when they have access to the company network. But that was when most people were working from their company’s physical place of business and […] | |||
|
2020-08-07 11:30:00 | Cloud IAM and the Path Toward Digital Transformation (lien direct) | By 2022, 40% of global midsize and larger organizations will use identity and access management (IAM) capabilities delivered as software-as-a-service (SaaS) to fulfill most of their needs, cites a 2019 Gartner press release on IAM technology trends. Today, businesses are aligning themselves with a digital ecosystem by moving toward cloud adoption. On the journey toward […] | |||
|
2020-08-07 11:00:00 | Loving the Algorithm: User Risk Management and Good Security Hygiene (lien direct) | User risk management watches where people can’t. If you polled a random sampling of employees at various organizations, most would probably consider themselves security-minded. They would argue that they are not actively sending sensitive data to malicious recipients, clicking strange links or downloading attachments from unknown senders. This mindset is a good attribute, and should […] | |||
|
2020-08-07 10:55:00 | How Zero Trust Can Help Defend Against Ransomware Attacks (lien direct) | According to IBM X-Force Incident Response and Intelligence Services (IRIS) team’s Cloud Security Landscape Report 2020, ransomware is the most commonly deployed malware in infiltrated cloud environments. It accounts for three times as many cases as cryptomining and botnet malware, which are second and third place, respectively. Ransomware remains a serious threat, despite improved security […] | Ransomware Malware | ||
|
2020-08-06 11:35:00 | Shellshock In-Depth: Why This Old Vulnerability Won\'t Go Away (lien direct) | Shellshock is a bug in the Bash command-line interface shell that has existed for 30 years and was discovered as a significant threat in 2014. Today, Shellshock still remains a threat to enterprise. The threat is certainly less risky than in the year of discovery. However, in a year in which security priorities have […] | Vulnerability Threat | ||
|
2020-08-06 11:30:00 | Endpoint Security Using AI & MITRE For Your Remote Workforce (lien direct) | As employees increasingly work remotely, it is more important than ever to maintain visibility and threat detection in a remote working world. We have seen a significant increase in state-sponsored attacks and malicious phishing campaigns, and this trend is expected to continue. This period of remote work is a good time for enterprise to make […] | Threat | ||
|
2020-08-06 11:00:00 | Security Modernization for the Cloud (lien direct) | This is the first in a blog series that will focus on all phases of security delivery: design, dev/build, test, deploy, operate and learn. Many organizations are facing new cybersecurity concerns as they look to accelerate their digital transformations for themselves and their customers. At the same time, information technology (IT) and operations are being […] | |||
|
2020-08-05 11:00:00 | Defending the Oil and Gas Industry Against Cyber Threats (lien direct) | The oil and gas industry is one of the most powerful financial sectors in the world, critical to global and national economies. Therefore, this industry is a valuable target for adversaries seeking to exploit Industrial Control Systems (ICS) vulnerabilities. As the recent increase in attacks against ICS demonstrates, adversaries with a specific interest in oil and […] | |||
|
2020-08-05 11:00:00 | Threat Hunting Techniques: A Quick Guide (lien direct) | Threat hunting is an essential part of security operations center services and should be incorporated at an early stage. Threat hunting is the art of finding the unknowns in the environment, going beyond traditional detection technologies, such as security information and event management (SIEM), endpoint detection and response (EDR) and others. There are multiple methods […] | Threat | ||
|
2020-08-04 10:45:00 | Measuring Security Operations Center Effectiveness Globally (lien direct) | Do you know what is it like to measure and optimize global security operations centers (SOCs)? At IBM Managed Security Services’ (MSS), we measure an SOC a bit like operating and managing the performance of a factory. It’s incredibly important to monitor and measure the performance of every component and how they all work together. […] | |||
|
2020-08-04 10:00:00 | 6 Ransomware Trends You Should Watch for in 2020 (lien direct) | A ransomware infection can have a significant financial impact on an organization. American digital security and data backup firm Datto found that ransomware is costing businesses more than $75 billion a year. Part of that financial impact results from downtime costs. Govtech also revealed that businesses lost an average of $8,500 per hour as the […] | Ransomware | ||
|
2020-08-03 16:00:27 | How Employing Encryption for Data Security Changed History (lien direct) | Human history is full of examples of encryption playing pivotal roles in war, competition and transitions of power. Throughout recorded time, people have employed encryption as a tactical tool to keep information private. That data could involve military campaigns, plots to overthrow political leaders or political dealings. In some cases, the use of encryption actually resulted […] | Tool Guideline |
To see everything:
Our RSS (filtrered)
