Workplaces have become highly connected. Even a small business could have dozens of devices in the form of desktops, mobile devices, routers, and even smart appliances as part of its IT infrastructure.
Unfortunately, each of these endpoints can now be a weak link that hackers could exploit. Hackers constantly probe networks for vulnerable endpoints to breach.
For example, systems and
Posted in cyber security software, endpoint detection, Endpoint Management, endpoint network security, endpoint security, Enterprise Security, network security software | Comments (0)
Doing business in today's connected world means dealing with a continually evolving threat landscape.
With potential losses due to downtime following a breach, plus valuable client and proprietary information at risk, most organizations realize they cannot afford to be complacent.
This puts extra onus on security IT teams, who are continuously left scrambling, looking for the best way to
Posted in antivirus, business security, cyber security software, cyber security tools, cyber security webinar, Enterprise Security, network security, webinar | Comments (0)
Photo by Terje Pedersen / NTB scanpix
One of the world's largest producers of aluminum has been forced to shut down several of its plants across Europe and the U.S. after an "extensive cyber attack" hit its operations, leaving companies' IT systems unusable.
According to a press release shared by Aluminum giant Norsk Hydro today, the company has temporarily shut down several plants and
Posted in computer virus, Enterprise Security, hacking news, Malware attack, ransomware, ransomware attack, ransomware malware | Comments (0)
Popular enterprise software company Citrix that provides services to the U.S. military, the FBI, many U.S. corporations, and various U.S. government agencies disclosed last weekend a massive data breach of its internal network by "international cyber criminals."
Citrix said it was warned by the FBI on Wednesday of foreign hackers compromising its IT systems and stealing "business documents,"
Posted in citrix software, data breach, data security, Enterprise Security, hacking news, network hacking, password hacking | Comments (0)
Google's one-year-old cybersecurity venture Chronicle today announced its first commercial product, called Backstory, a cloud-based enterprise-level threat analytics platform that has been designed to help companies quickly investigate incidents, pinpoint vulnerabilities and hunt for potential threats.
Network infrastructures at most enterprises regularly generate enormous amounts of network
Posted in Backstory threat analytics, Chronicle, cyber security software, cybersecurity, Enterprise Security, Google Backstory, Google Cloud, network security, SIEM Software | Comments (0)
How do you know whether an attacker has infiltrated your network? Can you really rely on an Endpoint Detection and Response (EDR) solution to be your go-to technology for identifying security breaches?
Endpoint detection and response (EDR) platform has been an important technology to detect cybersecurity incidents, but it provides only the view of endpoints, just a portion of the big picture.
Posted in Corporate security, cyber security webinar, edr solutions, endpoint detection, Enterprise Security, network security, webinar, xdr solutions | Comments (0)
If you are responsible for the cybersecurity of a medium-sized company, you may assume your organization is too small to be targeted. Well, think again.
While the major headlines tend to focus on large enterprises getting breached – such as Sony, Equifax, or Target the actual reality is that small and mid-sized companies are experiencing similar threats.
According to Verizon’s 2018 Data
Posted in Cyber Attack, cyber security, cyber security videos, cyber security webinar, cybersecurity, Enterprise Security, hacking news, webinar | Comments (0)
Paul and John talk about Security Policies and Procedures. They discuss the most fundamental parts of policies and procedures. It is the most difficult to implement, but the most important to structure of the enterprise. Full Show NotesVisit http://securityweekly.com/esw for all the latest episodes!
The post Security Policies and Procedures – Enterprise Security Weekly #56 appeared first on Security Weekly.
Posted in Enterprise Security, Enterprise Security Weekly, security solutions | Comments (0)
Recent corporate breaches have taught us something important — the average enterprise user is spectacularly bad at choosing good passwords.
As modern enterprise is becoming a hybrid organization with infrastructure spread across on-premises data centers as well as in the cloud, security of information, applications, and assets has become a paramount concern.
Cyber security is no longer an
Posted in best password manager, Cyber Attack, enterprise password manager, Enterprise Security, ManageEngine Password Manager Pro, password manager, Password Manager for Enterprise, password security | Comments (0)
In my last blog post, I posed the concept of Cyber Risk Appetite as something that all organizations need to consider today. I used the analogy of a balanced diet of risk – taking some risks to keep the business growing while avoiding so much risk that the business becomes bloated. The objective is to maintain a healthy business. If I may, I would like to take the analogy one step further. One factor to consider when you look at your own appetite – or intake of food – is how much energy you expend on a daily basis. If you have a tremendous appetite, you can counteract the amount of calories you ingest with a balance of physical activity. Yes, I am talking about exercise. This analogy is a helpful illustration to discuss the “cyber risk appetite” equivalent of exercise.
As your organization implements new technologies, extends to new markets or launches revolutionary business processes, risks will be inherently present. It is unavoidable. Based on your appetite and your risk tolerances, you then determine what you need to do to manage that risk – implement security technologies, modify processes, assign ownership, etc. Your cyber risk appetite will directly impact how much you will need to think through controls. In other words, BIG risk appetite = BIG exercise plans.
The conversation with the business – described in my previous blog – on how technology propels business strategies and what level of cyber risk is tolerable should be followed up with the exercise discussion. Meaning – when the business states we have a big appetite (“we want to move fast and will accept risks”), the response must be then what is your exercise plan? Exercise requires commitment, time, energy, will power and typically some type of equipment. You may not go out and sign up for daily boot camp classes but a willy-nilly exercise plan is not going to cut it if you let your appetite run rampant.
In today’s hyper fast market, the business may need to go down a path that make the traditional, risk adverse GRC or security teams cringe. First, that reaction is natural. But more importantly, that instinct is necessary. Without that automatic response, a company can overextend its risks and head down a dangerous path. But once that innate aversion to risk subsides, an organization that understands it takes the effort of exercise to balance out the market drivers driving toward risk can focus on what is prudent to manage that risk and proceed with caution – but proceed nonetheless.
Just like maintaining a balanced diet of risk is necessary to maintain a healthy business, a disciplined exercise strategy is critical for the business to stay fit. Risk and security strategies that result in a coordinated, consistent application of controls throughout the enterprise will ensure that even if the business falls off the wagon and munches on an occasional snack food, there is a safety net of exercise to offset those extra calories.
The post Appetite and Exercise appeared first on Speaking of Security – The RSA Blog and Podcast.
Posted in Cyber risk, cyber risk appetite, Enterprise Security, GRC, Home, Risk & Compliance (GRC), risk management, security management | Comments (0)