
3 Information Security Threats Caused by New Office Technology

Your information security strategy includes attention to endpoints and patching, but are you aware of the risks associated with your firmware? Your organization's hardware with programmable read-only software could be an overlooked component of your endpoint security strategy.

The recent surge in DDoS attacks has revealed that various connected devices, including office routers, printers, and security systems, could be a huge target for attackers. At some organizations, these devices are not even considered as an aspect of written endpoint security assessments and risk planning.

Using old office equipment can be a security risk, but implementing the wrong technology, or implementing it poorly, is just as dangerous. In this blog, you'll discover sources of security risk in new office technology and how to mitigate them.

Mobile security and endpoint security are important, related topics. For more on this topic, we recommend 5 Ways to Reduce Information Security Risk in a Mobile Workplace.


3 Easy Ways to Get the Most Out of a Small Information Security Budget

Though organizations have increased spending on security products and talent, many IT leaders may feel as if the increased spending doesn't keep up with dollars lost to attacks. Research by Venafi notes a large percentage of today's CIOs believe they are "wasting millions on inadequate cybersecurity."

This is not to suggest the answer is to cut back. You can't do cyber security on a $0 technology or staffing budget. But one thing remains clear and cannot be argued: the threat vector is growing and will continue to grow. By putting your effort into the right places, you can achieve 24/7/365 compliance and strong defenses on a small budget. In this blog, you'll learn three aspects of security strategy with big impacts.


The Best File Integrity Monitoring Software for Businesses

In the age of advanced persistent threats (APT), distributed denial of service (DDoS), and other raging security risks, file integrity monitoring can be a way to detect threats and act quickly. FIM is also required by PCI and NERC-CIP and is a best practice for FISMA, SOX, HIPAA, and GLBA. Many organizations who adopt FIM can benefit from better security and compliance. However, not all tools are the same—or even similar.

Today's security administrators are frustrated by "blind spots," slow security response, and automated collection of risk data, notes eWeek. The right file integrity monitoring software can solve all of these common issues and more.


How To Pass Interim PCI DSS Compliance Assessments 80% of Retailers Fail

Eighty percent of retailers and other PCI-impacted organizations fail interim compliance assessments. According to the 2015 PCI Compliance Report by Verizon Enterprise, retailers are finding that maintaining compliance is probably harder than achieving compliance.

When it came to data breaches, the same Verizon research found that all retailers were out of compliance at the time of their attacks. Retailers who experience a breach with customer data loss suffer long-lasting effects that are much greater than the cost of regulatory fines, notification, and investigation. Breached retailers also generally experience lasting damage to consumer trust and revenues.


5 Ways to Ensure POS Malware Doesn't Ruin Your Holidays

The holiday season may not spell peace or joy for countless IT professionals this year. The 2016 Kaspersky Black Friday Threat Overview predicts that not only will the 2016 holiday shopping season be a record-breaker in terms of retail sales, it will also contain an unprecedented number of information security crimes.

In fact, their key findings state that criminals are already working double-time. Underground retailers of skimming systems and other financial crime tools are experiencing high sales as crime collectives gear up for record-breaking theft. Join us as we review how to protect your point-of-sale (POS) systems during the 2016 holidays so you're not affected by the coming spike in attacks.


How to Stop a DDoS Attack Before It Can Disrupt Your Business

Distributed denial of service attacks (DDoS) are growing in size and frequency. Arbor Networks research has found that there is an average of 124,000 DDoS events each week and that the peak attack size has grown 73% in the last twelve months.

Falling prey to a DDoS attack can result in hours of downtime for your employees and customers as your web services are disrupted and unavailable. The fiscal impact from these attacks can cost large enterprises millions of dollars.


5 Lessons to Learn From GAO's Latest Information Security Assessment

Federal agencies are at a staggeringly increased risk of information security attack. The U.S. General Accountability Office (U.S. GAO) released a report in September 2016 titled Federal Information Security: Actions Needed to Address Challenges, authored by Information Security Issues Director Gregory C. Wilshusen. Over the past nine years, the GAO report states, security incidents at federal agencies have increased 1300%.

The report includes data-driven insight into the state of security at federal agencies, as well as a recommended series of actions for organizations to address. While it's critical reading for government security officials, there's also a wealth of insights for professionals who work in a corporate setting.


5 Security Risks in Migrating to Office 365 — and What to Do About Them

Mitigating the security risks of cloud-based migrations requires both planning and thorough knowledge of product-specific obstacles. In a May 2015 presentation shared on Microsoft Developer's Network, Microsoft researchers stated that 35% of the Exchange user base had completed an Office 365™ migration. Many other organizations will be making the switch to cloud-based Microsoft products in the coming months.


6 Things to Know About Distributed Denial of Service Attacks (DDoS)

Reddit. Twitter. Netflix. Amazon.

These four sites aren't only some of the most popular web services worldwide. They're all organizations that have suffered downtime due to distributed denial of service (DDoS) attacks in recent weeks.

Wired's Kim Zetter defines DDoS as "an attack that overwhelms a system with data—most commonly a flood of simultaneous requests sent to a website to view its page." These attacks can result in extended periods of downtime for businesses, frustrated customers, and lost revenue.


What Is The Long-Term Potential of Cyber Insurance?

Much like cyber terrorism, cyber insurance has recently had a growth spurt. Companies first started considering working with insurance companies to mitigate cyber incidents just before the new millennium. It was the late 1990s, and the threat of "Y2K" worried some organizations about coverage.
