Infosecurity Opinions
Security for IoT devices
The whole IoT system should be architected in a way that protects information and assets at all levels.
The Growth of Runtime Application Self Protection
RASP based technologies promise to eliminate false positives, reduce the complexity of securing applications and to lock down the most common vulnerabilities being exploited today.
24x7 SOCs: The Answer to all Monitoring and Logging Needs?
Monitoring and logging are crucial aspects of cyber assurance strategies that have been around for many years, however, the reality that cyber-attacks and breaches now happen to anyone and everyone is inevitably bringing the need for round the clock ‘situational awareness’ to the fore.
Too Many Incident Responders are Chasing Fires that do not Exist
There’s a fundamental problem with security tools in the market today: they detect and judge events in isolation.
Yesterday’s News: Security is a Board level issue
The fact that cybersecurity is a board issue is yesterday’s news. You’d be hard pressed today to find a CISO who isn’t spending more time preparing reports for their executive and audit committees. Today’s dilemma is what information to share in order to help inform business decisions.
Three Pillars of Docker Security: Visibility, Identification & Tracking
Without tools to manage the security of Docker deployments, organizations risk exposing their containers to attack.
Can Facial Recognition Boost Security and Compliance?
Today facial recognition is a powerful tool used widely by federal agencies and the military, and also emerging as an important component of security solutions for businesses.
Battling the Botnet Armies
Botnet armies have got bigger, more active and more heavily armed than ever before. In the first quarter of 2016, attacks launched by bots reached a record high of 311 million – a 300% increase compared with the same period in 2015, and a 35% increase compared with the final quarter of 2015.
The Importance of a Cyber Incident Response Plan and the Steps Needed to Avoid Disaster
In the immediate aftermath of a breach, organizations should have an incident response plan which includes incident detection as well as incident response. Despite this, we found that a third of organizations do not have an incident response plan in place, and two-thirds of those that do have never tested their plan. It’s like having a plan for a fire drill but never actually executing it.
Lack of Security Has Cyber-Criminals Turning to SMEs
While some SMEs (approximately 23%) have caught on to the potential risk posed by cybercrime, too many are still relying on outdated technology that only provides perimeter security, completely ignoring file-based threats.
Analytics: The Single Key to Simultaneous Security and Productivity
Rather than adding more layers to authentication, the solution lies in contextual analytics.
Why Education Institutions Need a Security Re-Education
Over the last year, there has been an industry spotlight on data breaches, many of which have become front page news. Kaspersky and Experian are just two that had significant media attention.
Teachable Moments: Five Cybersecurity Lessons from Emailgate
FBI Director James Comey delivered a statement this week announcing the FBI does not recommend criminal charges against Hillary Clinton for her use of a private email server during her time as Secretary of State. While the findings of the investigation will be debated extensively, there are five data security lessons contained in the statement that apply to all organizations.
IoT is Finally Here, We All Need to Rethink Our Approach to Security
It has been a long time coming, the concept of millions of devices connected via the internet has been talked about for at least 15 years, but the challenge of getting the hardware costs down to the point of insignificance and working with unreliable and patchy connections has meant that it has taken until now for the idea take hold.
Cybersecurity isn’t Rocket Science!
Thinking about your organization’s data security infrastructure in terms of medieval warfare will actually help you to consider all of the potential threats posed to it, and most importantly, give you the insight you need to create a robust security infrastructure
The Rising Tide of Android Malware
As the mobile market matures, thieves are discovering new ways to exploit this captive audience of mobile users.
Man and Machine: A Match Made in Cybersecurity Heaven
I’m not suggesting that security analysts should be replaced by automated systems, rather, they should complement one another.
Software Defined Security: Going Beyond Traditional Measures
By adopting the SDSec model, businesses can realize the benefits of programmability and automation, which will consequently enable them to respond to today’s security threats in a more dynamic, efficient and intelligent way.
Rebuilding Digital Trust in The Age of The Hack
We now live in an “Allternet” world, where all people, products and places are hyper-connected and fundamental shifts in how we interact and trust each other are emerging.
How Can Your Company Radically Curb Insider Threat?
At Zalando, our internal bug bounty program underlines the need to hack, learn from mistakes, and in the process, develop the most secure products.