While the buck stops at the CEO's desk, are they really the ones who should be driving corporate cybersecurity? Today, since the damage caused by a cyber breach rivals that of a terrible business decision, it only makes sense that the c-suite should be fully invested in corporate cybersecurity. The only thing that's keeping pace [...]
When it comes to putting an appliance in your network for out-of-band management, you want to think carefully about whether that appliance is based on an open or closed platform. It might just be the difference between locking up network security and being open for business for hackers. A Linux platform lends itself to building [...]
The release of Cisco's Annual Security Report shows that corporate security teams are not patching holes in their software or security tools. Less than half of the respondents at 1,700 companies in nine countries use standard tools for ensuring they are running the latest versions of software. This study comes in the year that saw [...]
The Facebook downtime event on January 27th, where an hour-long outage at Facebook cut off access to critical status updates worldwide in addition to Instagram posts and Tinder hook-ups, shows the sensitivity of large organizations to public perception of hacking threats. The Lizard Squad hacking group, which apparently took control of the Malaysia Airlines website [...]
Gartner says that the average firm makes 10,000 changes annually to its IT environment. It's no wonder change management can make or break your network. Literally. Security patches, interdependencies among various components of your network, and the ability to recover from a disaster are driving factors to companies attempting to create a Configuration Management Database [...]
In August, NIST requested feedback from the owners and operators of the nation's critical infrastructure to understand how the Framework for Improving Critical Infrastructure Cybersecurity was being used and how it could be improved. Most of the responses posted by NIST were not from organizations running the infrastructure, but tech companies and industry associations. The [...]
In the month dedicated to more awareness topics than any other, you won't want to miss out on National Cyber Security Awareness Month (NCSAM). While you won't likely see sporting events with athletes sporting uniform accessories with neon green of NCSAM's logo (well, maybe the Seahawks...), you might be surprised to know that this year [...]
In today’s environment of advanced persistent threats it is essential for organizations to have near real-time knowledge of their enterprise IT infrastructure so responses to external and internal threats can be made swiftly. A successful continuous monitoring program provides visibility into assets, and leverages use of automated data feeds to quantify risk, ensure effectiveness of [...]
The remote nature of offshore drilling platforms used to ensure the safety of their networks from the world wide web with three W's of another sort: a physical barrier of waves, wind and water. On-board, the "air gap" between vessel control systems, process control systems and data networks is shrinking as these become increasingly linked [...]
NIST, the National Institute of Standards and Technology, held its fifth public workshop last week in Raleigh, North Carolina on a comprehensive cybersecurity framework mandated in a February 2012 executive order. The framework is designed to improve cybersecurity across sixteen critical infrastructure industries and build up from a basic core of functions based around the [...]
