Archive for the ‘Information Security’ Category

Embrace integrations and automation as you build a security program

Information Security Program Guide: Company Policies, Departmental Procedures, IT Standards & Guidelines

Certified Information Systems Security Professional (CISSP) training course

If you’re building a career in information security, the Certified Information Systems Security Professional (CISSP) is the must-have qualification to help you progress. It is a globally recognized standard that demonstrates your competence as an IT professional. This course will prepare you with the knowledge and skills […]

How to hack into 5500 accounts… just using “credential stuffing”

We all ought to know by now that passwords that are easy to guess will get guessed. We recently reminded ourselves of that by guessing, by hand, 17 of the top 20 passwords in the Have I Been Pwned (HIBP) Pwned Passwords database in under two minutes. We tried the 10 all-digit sequences 1, 12, 123 and so on up to 1234567890, and eight of them […]

Quantum computing: How should cybersecurity teams prepare for it?

Our community – that is, technologists, mathematicians and information assurance professionals – has generally adapted well to changes in the technology landscape. At the start of the Cold War, the western security apparatus sought to understand the actions of their adversaries by intercepting radio signals bouncing off the ionosphere and analyzing the messages they carried. […]

Endpoint security: How to shore up practices for a safer remote enterprise

In the modern cloud-based application era, securing hardware is often neglected, so the volume of unmanaged devices noted above is not surprising. Endpoint management is hard, it’s boring, it’s time-consuming — but it’s nevertheless extremely important to a robust security strategy. Why? Bad actors know that machines aren’t getting configured and maintained at the rate […]

City of Tulsa, is the last US city hit by ransomware attack

One of the biggest cities in the US by population size, the City of Tulsa, was the victim of a ransomware attack that affected its government’s network and forced the shutdown of official websites over the weekend. Shortly after the attack, which took place Friday night, the city issued a statement to inform that no customer […]

Records and Information Management: Fundamentals of Professional Practice

Records and Information Management: Fundamentals of Professional Practice, Fourth Edition presents principles and practices for systematic management of recorded information. It is an authoritative resource for newly appointed records managers and information governance specialists as well as for experienced records management and information governance professionals who want a review of specific topics. It is also a […]

Hospital Operator Takes Network Offline After Major Cyberattack

A Californian hospital operator has made the move to take its network offline after it was hit by a major cyberattack. Reports state that the Scripps Health computer network that operates across half a dozen hospitals and a number of outpatient facilities in the San Diego, California area was forced to move to offline procedures […]

How to Become a Data Protection Officer

The role of a Data Protection Officer (DPO) is a fairly new one in many companies. What’s more, the need to hire a DPO often comes as a response to the General Data Protection Regulations (GDPR) which were implemented back in 2018. As such, the responsibilities, reporting and structure […]

The realities of working in and pursuing a career in cybersecurity

“One of the biggest challenges we have in cybersecurity is an acute lack of market awareness about what cybersecurity jobs entail,” said Clar Rosso, CEO of (ISC)². “There are wide variations in the kinds of tasks entry-level and junior staff can expect. Hiring organizations and their cybersecurity leadership need to adopt more mature strategies for building teams. […]

US and allies to take steps to fight a surge in ransomware attacks

A task force of 60+ experts from industry, government, nonprofits, and academia calls on the US and allies to take steps to fight a surge in ransomware attacks. A task force of more than 60 experts from industry, government, nonprofits and academia is urging the U.S. government and global allies to take immediate steps to stem a growing global […]

The next big thing in cloud computing?

For some time, the public cloud has actually been able to offer more protection than traditional on-site environments. Dedicated expert teams ensure that cloud servers, for example, maintain an optimal security posture against external threats. But that level of security comes at a price. Those same extended teams increase insider exposure to private data—which leads […]

Microsoft Defender uses Intel TDT technology against crypto-mining malware

Microsoft announced that Microsoft Defender for Endpoint, its commercial version of Windows 10 Defender antivirus, implements a new mechanism that leverages Intel’s Threat Detection Technology (TDT) to block cryptojacking malware using Cryptojacking malware allows threat actors to secretly mine for cryptocurrency abusing computational resources of the infected devices. The Intel TDT technology allows sharing heuristics and telemetry with […]

Ransomware: don’t expect a full recovery, however much you pay

When it comes to all the various types of malware out there, none has ever dominated the headlines quite as much as ransomware. Sure, several individual malware outbreaks have turned into truly global stories over the years. The LoveBug mass-mailing virus of 2000 springs to mind, which blasted itself into hundreds of millions of mailboxes within a few […]

The hybrid office will create great opportunities—for companies and cybercriminals

Spring is always a time of renewal, but never more so than this year. After our long winter of forced isolation, the increased accessibility of safe and effective vaccines has many looking forward to shutting off Zoom, putting on some real pants, and emerging to see friends and colleagues in person for the first time in more than […]

Digital business requires a security-first mindset

Digital business mindset: While developing a seamless and successful digital mindset with a security strategy is not a simple task, the effort is crucial for the health of a company. Unfortunately, security tools haven’t always gotten the best rep with developers, who feared the tools would slow them down, reflect poorly on their work, or […]

Alarming Cybersecurity Stats: What You Need To Know For 2021

The year 2020 broke all records when it came to data lost in breaches and sheer numbers of cyber-attacks on companies, government, and individuals. In addition, the sophistication of threats increased from the application of emerging technologies such as machine learning, artificial intelligence, and 5G, and especially from greater tactical cooperation among hacker groups and […]

Majority of Mobile App Vulnerabilities From Open Source Code

COVID-19 has impacted everything over the past year, and mobile app security is no exception. The Synopsys Cybersecurity Research Center (CyRC) took an in-depth look at application security, and discovered just how vulnerable apps that use open source code really are. According to the report, 98% of apps use open source code, and 63% of those apps […]

DISC InfoSec shop

Security Recommendations 2021: Taking Stock For The Long Term
