Security Compliance: The Less You Spend the More You Pay
The costs of complying with data protection requirements are steep, but the costs of non-compliance are even higher, a new study shows. Like the old saying about an ounce of prevention being better than a pound of cure, complying with data protection requirements can be expensive, but the financial consequences of non-compliance can hurt a…
Database of 1.4 Billion Credentials Found on Dark Web
Researchers have found a database of 1.4 billion clear text credentials in what appears to be the single largest aggregate database yet found on the dark web. These are not from a new breach, but a compilation of 252 previous breaches, including the previous largest combo list, Exploit.in. The database was found by 4iQ on 5…
Cyber Security Strategies that Won’t Break the Bank
Throughout my career, I have seen first-hand the real world impacts that a breach in cyber security can have on customers, businesses and communities. With cyber attacks growing in number and sophistication, today security is a requirement of “doing business”, however, many companies and organizations lack the knowledge and resources to secure their platforms, products…
The buck stops here: 8 security breaches that got someone fired
A secure network is a sign that a CSO is doing their job right – but it’s also something that’s hard to notice. It’s not exciting when nothing happens! But when something does happen in security, that’s usually really bad. It’s a great way for a CSO or CIO to get fired, or to get…
How cybersecurity solutions can help with GDPR compliance
Technical (protection) measures, means, technologies, rules and resources are mentioned multiple times throughout the GDPR text. The Regulation does not, however, specify any security technology implementation as obligatory (a few methods are suggested as optional solutions for the specific usage). Choice and evaluation of adequacy is the sole responsibility of the data controller and processor.
Redefining perimeter network security: The future is a hybrid
The idea of perimeter defense is as old as servers themselves — say the word and it conjures up images of ENIAC-sized machines buzzing in locked rooms, firewalls separating them from the outside world. Unless you work for the CIA, that’s likely not your reality. Instead, the data you secure lives in the cloud, flowing…
Cybersecurity skills shortage creating recruitment chaos
Because of the global cybersecurity skills shortage, nearly half of all cybersecurity professionals are solicited to consider other jobs at least once per week. Here’s a quick review of some of the cybersecurity skills shortage data I’ve cited about in recent blogs: 1. According to ESG research from early 2017, 45 percent of organizations claim…
Imgur confirms breach, 1.7 million users affected
Popular image hosting website Imgur has announced on Friday that hackers stole usernames and passwords of 1.7 million of its users. The breach dates back to 2014, when Imgur still encrypted the stored passwords with the SHA-256 algorithm, which has since been found too weak to withstand brute forcing.
Innovation, Collaboration and Security Awareness: What We’re Grateful for This Thanksgiving
2017 has been yet another year full of widespread, highly disruptive ransomware attacks, data-destroying malware outbreaks and other headline-grabbing security incidents. However, with more organizations increasing their level of security awareness, sharing threat intelligence, achieving regulatory compliance, and recruiting more women and new collar workers to launch cybersecurity careers, there is plenty to be thankful for this Thanksgiving.
‘Advanced’ Cyber Attack Targets Saudi Arabia
Saudi authorities said Monday they had detected an “advanced” cyber attack targeting the kingdom, in a fresh attempt by hackers to disrupt government computers. The government’s National Cyber Security Centre said the attack involved the use of “Powershell”, but it did not comment on the source of the attack or which government bodies were targeted.