Topic: Industry & Business Best Practices

From the Summer 2023 Issue

How Live Patching Can Help Transform a SecOps Team’s Workload

Author(s):

Jim Jackson, President and Chief Revenue Officer, TuxCare

Live Patching

As cyber risk continues to increase across the enterprise, so has the sheer number of tasks and responsibilities of today’s CISOs and their teams. Gone are the days when IT security leadership operated on a largely tactical level, separate from major decisions. Now, these leaders are part of the backbone of their organization, aligning strategic … Read more

From the Spring 2023 Issue

Establishing A “Security First” Approach for IoT Devices No Matter the Industry

Author(s):

Thorsten Stremlau, Co-Chair of Trusted Computing Group Marketing Work Group | Systems Principle Architect at Nvidia, Trusted Computing Group

Across the globe, society has become increasingly dependent on digital technologies. By 2030, over 25.4 billion Internet of Things (IoT) devices are expected to play a crucial role in our daily lives. As a result, it is essential that developers adopt a ‘secure by design’ approach to ensure both device protection and integrity throughout any … Read more

From the Spring 2023 Issue

Staying Cybersecure in 2023: Implementing Blockchain Technology

Author(s):

Joe Darrah, Freelance, Journalist

Stay Cybersecure in 2023

Cyberterrorism is a persistent, unrelenting threat to the security of any organization that utilizes the internet or any networked system today. Consider the attack launched on the United States Colonial Pipeline Company in May 2021 and the subsequent decision to pay the offenders $4 million in a ransom blackmail scheme in order to restore the … Read more

From the Winter 2023 Issue

Level-up API Protection with Identity and Centralized Trust

Author(s):

Gary Archer, Product Marketing Engineer, Curity

Level-up-API

Introduction API security has matured over the years, and the best practice has moved away from older security methods such as API keys. Token-based authentication is the norm, but too often, a significant concern is overlooked: identity. An identity focus is critical for modern APIs to mitigate risk and prevent cyber-attacks. In this article, we … Read more

From the Fall 2022 Issue

Through the Lens of a CISO

Author(s):

Andres Andreu, CISO, 2U, Inc.

Through the Lens of a CISO

A modern-day cybersecurity leader, typically a Chief Information Security Officer (CISO), needs to look at the world, its events, its meta-data, its features and its people in a very specific way in order to be successful. While some of this may sound borderline paranoid to outsiders, a good CISO develops a healthy respect for opposing … Read more

Is the Cyber Kill Chain Model the Ultimate Solution to Rising Ransomware Attacks?

Author(s):

Waqas S, Cybersecurity Journalist, DontSpoof

Cyber Kill Chain Model

Ransomware attacks have long since been on a steady rise, wreaking havoc and destruction within the cybersecurity industry. Since the coronavirus pandemic in 2020, there has been a 148% rise in ransomware attacks.  The situation in 2021 was alarming as the number of attacks continued increasing. The year 2021 saw some of the worst ransomware … Read more

3 Mistakes to Avoid When Deploying DMARC in Your Organization

Author(s):

Harry Wilson, Head of Digital Marketing Department, Globex Outreach

Deploying DMARC

Currently, most organizations understand the importance of deploying Domain-Based Message Authentication Reporting and Conformance (DMARC) to stay safe from the rising email fraud cases. DMARC protects your business’ trusted domains from endless email spoofing and cybersecurity attacks. Deploying this email authentication protocol prevents spoofers and phishers from exploring vulnerabilities in your email domain, which helps … Read more

Purple Teaming: A Key Solution in Addressing Evolving Threats

Author(s):

MK Akram, Project Manager, Globex IT Solutions

Purple Teaming - USCYBERCOM

From the SolarWinds attack to the attempt to poison Florida city’s water supply and the Colonial Pipeline shutdown due to ransomware, recent months have demonstrated how aggressive cybercriminals have become—which raises the question: are modern cybersecurity solutions really that ineffective? With one major attack after another, the expectation is that organizations would have already undertaken … Read more

Bots: to Block or Not to Block? Effective Bot Management Strategy

Author(s):

Emma Yulini, Outreach Manager, Rise Digital

Bot Management - Good Bots - Malicious Bots

A significant portion of users visiting your site are not human. In 2017, more than 50% of internet traffic came from bots, and while there have been some improvements in recent years, today it’s estimated that more than 40% of all internet traffic comes from bots, and around 25% comes from malicious, bad bots. Malicious bots … Read more

From the Spring 2021 Issue

How Much is Too Much When Paying Out a Reward for a Vulnerability?

Author(s):

Alex Haynes, CISO , IBS Software

how-much-is-too-much-when-paying-out-a-reward-for-a-vulnerability

There has been a lot of publicity surrounding ‘bug bounty’ programs that pay out seemingly large rewards for finding vulnerabilities in web applications. This trend has increased over the years as crowdsourced security programs have matured since their inception almost 10 years ago and their adoption has become mainstream. Should we pay out large sums … Read more