Organizations Struggle Implementing Compliance Requirements Including NIST & Zero Trust Mandates
Over the last year, we’ve seen a literally flood of government legislation and formal guidance concerning cybersecurity best practices. New mandates have been coming or to the cyber community fast and furious, and government agencies and their contractors have had
How CASB Solutions are Improving Cloud Security
Cloud access security brokers (CASBs) are on-premises, or cloud-based security policy enforcement points, typically placed between cloud service consumers and their cloud service providers (CSB). The solutions often combine and add enterprise security policies when cloud-based resources are accessed. Further,
How EDR Solutions are Bolstering Cybersecurity Defenses
Endpoint Detection and Response (EDR), also referred to as endpoint detection and threat response (EDTR), is an endpoint security solution that continuously monitors end-user devices to detect and respond to cyber threats like ransomware and malware. Coined by the ex-Gartner Analyst
Is an MDR Solution or an MSSP Partnership Better for Your Organization?
In this blog post, we want to analyze the differences between a Managed Detection and Response (MDR) solution and a Managed Security Services Provider (MSSP) partnership and how organizations can differentiate between the two and choose which one or both
The Perspective of a Cyber Security Leader – An Interview with Bill Boni
Who is Bill Boni? Retired former Senior Vice President Information Security at T-Mobile USA and Corporate Security Officer at Motorola Bill Boni’s Biography Bill Boni is one of the leading information risk management practitioners based in the USA, with broad experience in all
Developing a Highly Skilled IT Security Workforce
Bill Boni is one of the leading information risk management practitioners based in the USA, with broad experience in all aspects of creating, sustaining, and transforming security protection for organizations. A visionary information security leader with outstanding written and verbal
Lessons Learned in Defending Against the Log4j Vulnerability – A Case Study
Authors of this Blog Post include SecureOps Employees - Michal Kavan, SOC Director - Andrew Morrison, SOC Manager and Alejandro Perez, Sr. SOC Analyst In December, several Log4j vulnerabilities also known as Log4shell or LogJam in many of the IT security
The Log4j Vulnerability is Likely to be a Significant Threat for Years
Until last month, Log4j was simply a popular Java logging framework; one of the numerous components that run in the background of many modern web applications. But since the zero-day vulnerability (CVE-2021-44228) was published, Log4j has made a huge impact
The 5 Elements to Effectively Managing HIPAA Compliance
Managing Patient Data (PHI) Sprawl In 1996, the Health Insurance Portability and Accountability Act (HIPAA) created an electronic data interchange that health-care providers and other related organizations are required to use for electronic transactions. The HIPAA Privacy regulations require health care
Phishing and Wire Transfer Scams are Victimizing Corporate Executives
“CEO Fraud” or “CEO Fraud Phishing” Doubled Over the Past Year CEO Fraud is a scam in which cyber criminals either spoof or literally take over company email accounts to impersonate executives in order to try and trick an employee in