Infosecurity Opinions
Ransomware and Cyber-Insurance: What It Means for You and Your Company
If you’re one of the approximately one third of U.S. companies that purchase cyber-insurance to mitigate the costs of a security breach, you may be covered for a ransomware attack. But policies can vary greatly, and it’s important that companies understand the specifics.
How Machines are Waging War Against the Malicious Insider
There is a savior in sight and machine learning is gaining momentum and catching up with the sophisticated, malicious insider at a rapid pace.
Treating Ransomware in the Healthcare Sector
Ransomware is a serious problem across all industries, but increasingly the healthcare sector has become a primary focus for cyber criminals who are keen to capitalize on this sector’s need to run a 24/7/365 operation.
How to Guarantee Data Security When Data is in an External or Public Cloud
There's no doubt that shared cloud hosting offers many direct advantages to businesses, particularly those without extensive on-site data infrastructure. It's inexpensive, it's easy to access, it doesn't require maintaining your own hardware, and you've got experts on-call if there's ever an issue.
Security Breaches are Inevitable...Or Are They?
While exciting, new dynamics are accompanied by potentially catastrophic security implications and presents enterprise organizations with the significant challenge of balancing security with user privacy.
Cloud Data Remains Your Responsibility
It is the cloud provider’s responsibility to ensure your data is secured and protected within their environment, and their SLA should offer appropriate guarantees.
Gmail Phishing: Is it Time to Block Uncategorized Sites?
The recent reports warning users about a phishing attack that’s been targeting Gmail users with a high degree of effectiveness have caught the attention of security professionals, but the attack should in fact pose little risk to many enterprise users.
Detecting the Undetectable
How CISOs can hunt for the attackers who don’t want to be found
Time for Operators to Act on Mobile Security
Why carriers should build enhanced security features into their mobile services
How The Industry Responds to the Cybersecurity Skills Shortage
To hear that the Government is setting aside significant investment to teach teenagers vital cybersecurity skills is welcome news, especially at a time when there is a serious lack of digital skills and an increased threat to companies’ digital infrastructures.
How to Spot Rogue Admins in Your Company
Most administrators are likely to be honest, hard-working and reliable workers, although some have been known to turn to the dark side. Why? It's hard to say.
Users Can Secure Their IoT Devices; But Will They?
Attackers use malware to enlist our smart thermostats, speakers, lights, and more as soldiers for their botnet armies – used in coordinated massive attacks causing security breaches that threaten the integrity of the internet.
The Password is Alive But Not Well
Passwords will remain the ubiquitous form of authentication. We should focus on making them better, not replacing them.
Infosec Budget: Creating Barriers to a Cybersecurity Culture
Rather than working out how to spend whatever is in the budget, the challenge is how to get the right amount of budget allocated in the first place.
Ensuring Secure Practices around Open Source
Most companies remain in the dark when it comes to the open source used in their applications, and as a result are susceptible to vulnerabilities that may be in that open source.
Endpoint Modeling: Automatic, Noise-Free Security
Endpoint modeling automatically discovers each device that is on your network; creates a software-based model of that device’s usual behavior; continuously monitors the behavior of the device over time, identifies any deviations from the model; and when an exception occurs, generates a near-real-time, actionable alert for your security analyst(s), so that your organization can respond to a potential threat.
What Executives and Board Members Should Demand of Security
The question to ask should be: is there an active attacker currently on our network? The answer should be definitive and based on full visibility that detects attacker activity, namely the internal reconnaissance and lateral movement necessary to carry out an active attack
Automation in Phishing: Fighting One Automated Industry with Another
As the phishing field continues to become more sophisticated, a larger abundance of advanced tools will become available for cyber-criminal to ensure their campaigns’ success.
The Three Innovations Shaping Cybersecurity's Future
Adaptive security continues to be a strategic technology trend for enterprises who face sophisticated cyber-attacks that force them to play constant defense using a patchwork of security tools.
