Regardless of industry, when an unexpected event takes place and brings day-to-day operations to a halt, your organization needs to recover as quickly as possible and continue to provide services to its clients. From data security breaches to system disruptions to natural disasters, no business is immune to risk. Not having a disaster recovery plan in place can expose the organization to high financial implications, reputation loss and even greater… Read More
Aligning Security and Compliance on a Budget
Excerpts from NorCal CyberSecurity Summit on September 5, 2018; session presented by Shahin Pirooz, CTO/CISO of DataEndure. You can watch the full presentation here. More and more organizations and agencies are getting attacked on a daily basis, with newer threat vectors emerging faster than ever and even new business models developing to take advantage of the extremely lucrative cybercrime market. The city of Atlanta serves as a recent example (and warning)… Read More
To SIEM or not to SIEM?
From ransomware to DDoS attacks, companies are under siege. To effectively mitigate breach risk today requires enormous expertise, resources and budget. Companies are losing more each year on cybercrime than they are spending to prevent it. Security Incident and Event Management (SIEM) tools are one example of how organizations are attempting to combat the problem of cybercrime. A SIEM scans your network and provides visibility into suspicious/illegitimate activity. Unfortunately, as… Read More
Does Your Cloud Journey Feel Like an Episode of Survivor?
You’re not alone! In a recent Forbes article “Why The Cloud Is A Risky Business“, the author points out the complexities and struggles many companies face in their cloud transformation journey. The numbers speak for themselves – 77% of enterprises are thinking about making the jump to the cloud. The reality is businesses and vendors are traveling this road together, all inspired by the promises of this “brave new world”. While… Read More
Going on the Offensive Against Security Threats
In June, DataEndure participated in the Argyle CISO Leadership Forum panel, “Security Innovation; Unifying Proactive and Reactive.” Security leaders from across industries discussed the nature of insider threats, and where they are seeing the most opportunity for attacks – and innovation. This Executive Summary highlights the key themes and ideas that came out of the session. Time to Go on the Offense Historically, organizations (and vendors) have focused on reactive… Read More
Cyber-Response Fatigue: Relief in Sight
A recent article in Security Magazine highlighted a “clear and present danger” for many organizations today—that of cyber-response fatigue. In short, those tasked with securing their companies against IT risk are hitting their limits. With shrinking public tolerance for cybersecurity breaches and greater penalties for noncompliance in regulated industries (consider, for example, the GDPR that just went into effect), the heat and light on and from the boardroom have intensified dramatically. There is a fundamental… Read More
Enemy at the Gate?
Reflecting on the recent ransomware attack that shut down the city of Atlanta’s online systems, even weeks later, officials are still struggling to restore key services across the extensive service network. While details about the attack remain thin (and understandably so); authorities have confirmed the city experienced a ransomware cyberattack accompanied by a written demand for $51,000 in bitcoin. While this “hostage situation” played out, scores of government services came to a standstill,… Read More
Why your GDPR risk management approach matters
The GDPR comes into effect in less than 75 days, and with fines of up to 4% of your total revenue per infraction, it’s critical to understand your company’s exposure. With the intent of making businesses more accountable for breaches and loss of data, this legislation is being taken very seriously, and organizations are likely to face assessments to ensure their policies are in line with the rules. With the… Read More
Learn more about the Cisco Adaptive Security Appliance Remote Code Execution and Denial of Service Vulnerability
Situation On January 29th Cisco published a critical CVE affecting their Adaptive Security Appliance (ASA) line of Next-Generation Firewalls. The vulnerability exists within the XML parser of the ASA Software. Upon initial disclosure, Cisco had not seen attacks in the wild utilizing this vulnerability. However, within the past week sources have indicated that attackers weaponized this vulnerability to some degree. Researchers detected attackers using the vulnerability to DDOS honeypot systems. Problem… Read More
Get past the media buzz around the “Spectre” and “Meltdown” vulnerabilities.
Situation On January 3, 2018, researchers, including those with Google Project Zero, released information on three new vulnerabilities: CVE-2017-5753: bounds check bypass CVE-2017-5715: branch target injection CVE-2017-5754: rogue data cache load They grouped these vulnerabilities under the names “Spectre” (CVE-2017-5753 and CVE-2017-5715) and “Meltdown” (CVE-2017-5754). Comprehensive details on both of these are available at https://meltdownattack.com. Security updates to address these vulnerabilities began releasing before disclosure on January 3, 2018. Security updates are continuing… Read More
- « Previous Page
- 1
- …
- 7
- 8
- 9
- 10
- 11
- Next Page »