Networks
The latest technologies and best practices to secure local, virtual, cloud, and hybrid networks.
-
5 Steps to a Better Incident Response Plan
By John Bruce, Resilient This is the decade of response. It’s officially arrived. After decades of focusing on preventing and detecting cyberattacks, security leaders are finally treating how they respond to cyber threats with equal priority. As the frequency, sophistication and volume of cyber threats continue to increase, organizations need the ability to respond to…
-
Lack of Monitoring Weakens Database Security
Like the crown jewels, many companies assign a nearly priceless value to their data. So why aren’t they taking better care of the databases where they store much of their corporate data? Forty-seven percent of companies surveyed by Osterman Research, on behalf of database security company DB Networks, do not have a dedicated team or…
-
6 Ways to Make IAM Work for Third-Party Organizations
Issuing one-time password (OTP) tokens to third-party organizations to provide privileged remote access to your network can lead to a data security disaster, warned research director Felix Gaehtgens at the Gartner Identity and Access Management (IAM) Conference in London earlier this month. “For employees or contractors working internally who need privileged access, having OTP is…
-
6 Tips for CISOs Selling Security to the Board
Enterprise security needs to be a regular concern of boards of directors. It is fairly easy to convince boards of this, thanks to the near-constant flow of high-profile data breaches, from the Target and Home Depot attacks to more recent incidents involving the federal Office of Personnel Management, Ashley Madison and others. “With all of…
-
32 Percent of Companies Don’t Evaluate Their Third Party Vendors
According to the results of a recent NAVEX Global survey of 321 professionals involved in third-party management, fully 32 percent of respondents don’t evaluate third parties at all before engaging with them, almost half of respondents have no dedicated budget for third party risk management, and 11 percent of respondents don’t even know how many…
-
5 Best Practices for Reducing Third-Party Security Risks
With security breaches now a regular fixture in the news, it’s an increasing cause for concern that many — including major breaches at Target and Goodwill — are caused not by attacks on the companies themselves, but by breaches at third-party vendors. PWC’s 2015 U.S. State of Cybercrime Survey found that 62 percent of companies…
-
Missing Hard Drives Expose 950,000 Centene Customers’ PHI
The healthcare provider Centene Corporation recently announced that it’s searching for six unencrypted hard drives that were unaccounted for in an inventory of IT assets. The drives held the names, addresses, birthdates, Social Security numbers, member ID numbers and health information of approximately 950,000 people who received laboratory services between 2009 and 2015. “While we…
-
University of Virginia Breached by Phishing Attack
The University of Virginia (UVA) recently began notifying more than 1,400 of its Academic Division employees that their data was exposed as a result of a successful phishing attack. The FBI alerted the university to the breach, which happened between November 2014 and February 2015. “Suspects overseas involved in this incident are in custody,” UVA…
-
10 Open Source Security Breach Prevention and Detection Tools
While the breach prevention and detection market is dominated by names like Symantec, McAfee and Juniper, open source tools are also popular with security pros. Open source security breach prevention and detection tools can play a major role in keeping your organization safe in the battle against hackers, cybercriminals and foreign governments. Here are 10…
