Organizations Struggle Implementing Compliance Requirements Including NIST & Zero Trust Mandates
Over the last year, we’ve seen a literally flood of government legislation and formal guidance concerning cybersecurity best practices. New mandates have been coming or to the cyber community fast and furious, and government agencies and their contractors have had
Two-Thirds of Organizations Were Hit by a Ransomware Attack Last Year
In SpyCloud’s Ransomware Defense Report, its annual survey of CISOs or Chief Information Security Officers and heads of IT security from Canada, the UK, and US they found that that security teams are starting to lose hope that they can
How CASB Solutions are Improving Cloud Security
Cloud access security brokers (CASBs) are on-premises, or cloud-based security policy enforcement points, typically placed between cloud service consumers and their cloud service providers (CSB). The solutions often combine and add enterprise security policies when cloud-based resources are accessed. Further,
How to Implement an Effective Vulnerability Management Program
We’ve written considerably on Vulnerability Management, Vulnerability Assessments and Patching because they are so critical to preventing attacks. I’ve provided links to several of the most read blog posts we have written on the subject. In this blog post, we’ll
Nearly 50% Of Businesses Had a Cloud-Based Data Breach or Failed Audit
In the 2022 Thales Global Cloud Security Study, commissioned by Thales and conducted by 451 Research, reported that 45% of businesses it surveyed have experienced a cloud-based data breach or failed audit in the past 12 months, up 5% from
The Fundamental Elements of Cyber Hygiene
Cyber Hygiene or IT hygiene involves best practices related to cybersecurity to protect your network and infrastructure from threats. It serves as the basic foundation for a proactive, systematic, and comprehensive approach to data protection. Taking the time to create
Assessing and Mitigating the Log4j Vulnerability
A Vulnerability Management Case Study Authors of this blog post include Subramani Sundar- Director, Threat & Vulnerability Management, Tamika Miyashita- Security Project Manager, Tanveer Chowdhury- Security Manager, & Peter Bellarmine - Lead Security Engineer This is the 3rd blog post we have
Lessons Learned in Defending Against the Log4j Vulnerability – A Case Study
Authors of this Blog Post include SecureOps Employees - Michal Kavan, SOC Director - Andrew Morrison, SOC Manager and Alejandro Perez, Sr. SOC Analyst In December, several Log4j vulnerabilities also known as Log4shell or LogJam in many of the IT security
The Log4j Vulnerability is Likely to be a Significant Threat for Years
Until last month, Log4j was simply a popular Java logging framework; one of the numerous components that run in the background of many modern web applications. But since the zero-day vulnerability (CVE-2021-44228) was published, Log4j has made a huge impact
Developing a Risk-Based Vulnerability Management Program A Real-Life Case Study
Custom Security Solutions Empower Organizations to Create Robust, Efficient Vulnerability Management Programs Vulnerability management exists for the purpose of identifying and remediating vulnerabilities in systems quickly before they are exploited. Vulnerabilities, which are essentially weaknesses within software can lead to a