How much is a vulnerability worth?
As part of its crowdsourced security program, Zoom has recently increased the maximum payout for vulnerabilities to $50,000. Such figures make great headlines and attract new talent in search of the big bucks, but here is a question that begs to be answered: how much is a vulnerability worth? I have previously found several bugs…
6 board of directors security concerns every CISO should be prepared to address
Data breaches, ransomware attacks and concerns over risks tied to the global pandemic have heightened interest in cybersecurity among corporate boards of directors. Security leaders say BoDs have become more engaged in security matters, have a keener understanding of cyber issues, and have begun asking more sophisticated question about risk exposure and ways to manage…
Key cybersecurity problems expected to mark 2021
After a year in which COVID-19 upended the way we live, work and socialize, we are likely to see an increased threat from ransomware and fileless malware in 2021, according to ESET. Trend 1: The future of work – embracing a new reality The advent of the pandemic has ushered in mass implementation of remote…
Combating the virtual and physical threats banks face
The banking sector has always been at the center of criminal attention. Today, banks must contend with near-constant cyber attacks from organized criminal gangs, as well as highly skilled and well-resourced threat actors working on behalf of nation-states. In recent years we have seen multiple APT groups launching sophisticated attacks on financial institutions around the…
The CISO’s guide to rapid vendor due diligence
Vendors are at the heart of many companies’ processes and activities, and their numbers are increasing. But the process of onboarding vendors has become complicated because of concerns about cybersecurity. In 2019, nearly half of companies experienced a significant data breach through a third party. To prevent such incidents, security professionals demand that vendors demonstrate…
Review: Specops Password Policy
Specops Password Policy is a powerful tool for overcoming the limitations of the default password policies present in Microsoft Active Directory environments. To be fair, Microsoft did revise and upgrade the default password policy and introduced additional, granular fine-tuning options over the years, but for some enterprise environments that’s still not enough, so Specops Password…
What’s next for cloud backup?
Cloud adoption was already strong heading into 2020. According to a study by O’Reilly, 88% of businesses were using the cloud in some form in January 2020. The global pandemic just accelerated the move to SaaS tools. This seismic shift where businesses live day-to-day means a massive amount of business data is making its way…
Cybersecurity is failing due to ineffective technology
A failing cybersecurity market is contributing to ineffective performance of cybersecurity technology, a Debate Security research reveals. Based on over 100 comprehensive interviews with business and cybersecurity leaders from large enterprises, together with vendors, assessment organizations, government agencies, industry associations and regulators, the research shines a light on why technology vendors are not incentivized to…
Moving to the cloud with a security-first, zero trust approach
Many companies tend to jump into the cloud before thinking about security. They may think they’ve thought about security, but when moving to the cloud, the whole concept of security changes. The security model must transform as well. Moving to the cloud and staying secure Most companies maintain a “castle, moat, and drawbridge” attitude to…
Can we trust passwordless authentication?
We are beginning to shift away from what has long been our first and last line of defense: the password. It’s an exciting time. Since the beginning, passwords have aggravated people. Meanwhile, passwords have become the de facto first step in most attacks. Yet I can’t help but think, what will the consequences of our…
