Purple Teaming: A Key Solution in Addressing Evolving Threats

Author(s):

MK Akram, Project Manager, Globex IT Solutions

Purple Teaming - USCYBERCOM

From the SolarWinds attack to the attempt to poison Florida city’s water supply and the Colonial Pipeline shutdown due to ransomware, recent months have demonstrated how aggressive cybercriminals have become—which raises the question: are modern cybersecurity solutions really that ineffective? With one major attack after another, the expectation is that organizations would have already undertaken … Read more

Bots: to Block or Not to Block? Effective Bot Management Strategy

Author(s):

Emma Yulini, Outreach Manager, Rise Digital

Bot Management - Good Bots - Malicious Bots

A significant portion of users visiting your site are not human. In 2017, more than 50% of internet traffic came from bots, and while there have been some improvements in recent years, today it’s estimated that more than 40% of all internet traffic comes from bots, and around 25% comes from malicious, bad bots. Malicious bots … Read more

From the Spring 2021 Issue

How Much is Too Much When Paying Out a Reward for a Vulnerability?

Author(s):

Alex Haynes, CISO, Cheshire Datasystems Ltd.

how-much-is-too-much-when-paying-out-a-reward-for-a-vulnerability

There has been a lot of publicity surrounding ‘bug bounty’ programs that pay out seemingly large rewards for finding vulnerabilities in web applications. This trend has increased over the years as crowdsourced security programs have matured since their inception almost 10 years ago and their adoption has become mainstream. Should we pay out large sums … Read more

From the Spring 2021 Issue

Human Psychology Toward Cybersecurity Can Build Value as a Business Enabler

Author(s):

Glenn Axelrod, M.Sc. IT, CISA, CISM, CRISC, Senior Information Technology Consultant , HKA Technology Solutions, L.L.C.

human-psychology-toward-cybersecurity-can-build-value-as-a-business-enabler

Cybersecurity human engagement is not always apparent. Attack victims are particularly vulnerable; therefore, cybercriminals utilize pre-defined destructive motivations. Nevertheless, users worldwide continue to hand over confidential information unintentionally, or merely because of curiosity. Cyber adversary actions are usually the subject of research (i.e., what we do and what we could have done to prevent the … Read more

From the Spring 2021 Issue

Five Best Practices for Cloud Security

Author(s):

Alex Jones, Information Security Manager, Cobalt.io

5-best-practices-for-cloud-storage

Companies of all sizes are rapidly moving to cloud-based technology to enable a remote workforce and support critical business functions in the challenging pandemic environment. While the expansion of cloud services has exponentially accelerated through COVID-19, the truth is they have been growing rapidly even before the pandemic. These shifts increase companies’ attack surface and … Read more

From the Spring 2021 Issue

Cybersecurity: The Danger of Comfort Zones

Author(s):

Dr. Rebecca Wynn, Global CISO & Chief Privacy Officer , Author

cybersecurity-the-danger-of-comfort-zones

The biggest danger of any organization is comfort zones. These comfort zones are seen in silos and in the culture of “we have always done things this way.” Cybersecurity, compliance, privacy, governance, and IT departments are no exception to having this danger. The emergence of new devices and software products designed to unite employees has … Read more

From the Spring 2021 Issue

Telemedicine is Not Going Anywhere – Where’s the Security Infrastructure to Back It Up?

Author(s):

Asaf Ashkenazi, Chief Operating Officer , Verimatrix

telemedicine-is-not-going-anywhere

In the wake of 2020’s last year’s world-shaking events, traditional workflows were completely disrupted, accelerating digital transformation at a rapid pace. Telemedicine, a virtual replacement for in-person doctor visits via video or other technological methods, started gaining significant traction in recent years, reaching an all-time-high due to COVID-19. Patients have now turned to telemedicine in … Read more

From the Spring 2021 Issue

Recovering from Catastrophic Data Loss

Author(s):

Roland Airey, Senior Consultant, Kenneally Technology Services

protect-your-data

Now, almost all parts of our business life are digital! Spreadsheets, pictures, accounting files and videos are all particularly important files maintained by your company or organization. There is a possibility at some point data was stolen from you by a computer hack or perhaps files were deleted by a disgruntled employee. No matter the … Read more

From the Winter 2021 Issue

What’s Wrong with Our Industry? Business Survival and Network Security in Times of Crisis

Author(s):

Jack Koons, Author, Lecturer

Data Data Data

Hard Truths Members of the cybersecurity industry need to face a few hard truths: The perimeter as we know it is rapidly dissolving. Your data must now traverse known and unknown (i.e., untrusted) infrastructure and operate on devices no longer considered “corporate”. Identity is the new perimeter – no longer constrained by static routing tables … Read more

From the Winter 2021 Issue

Ransomware: The King of Evolution

Author(s):

Dr. Jason Edwards, Cybersecurity Strategy Principal, USAA

Griffin Weaver, Senior Legal Counsel, Dell Technologies

ransomware-king-of-evolution

The concept of ransomware is not new – not even for this century. Rather, it’s an old crime that has evolved with the advent of the computer age and the need to conduct business online. Ransom crimes (i.e. holding something of value hostage) have been around for thousands of years. But now, with the introduction … Read more