Office 365 third-party risks and configuration guidance
A new security report highlights some of the risks organizations face when moving to the cloud and potential configuration vulnerabilities.
A new security report highlights some of the risks organizations face when moving to the cloud and potential configuration vulnerabilities.
The Center for Internet Security (CIS) has released its new version 7.1 of the top 20 Critical Security Controls. The updated version includes new Implementation Groups designed to identify relevant CIS controls that are reasonable for an organization with a similar risk profile and available cybersecurity resources.
The National Institute of Standards and Technology (NIST) has releases its Security Publication (SP) 800-177 Revision 1, that include security guidelines and recommendations for achieving “trustworthy email”.
A recent survey conducted by Tripwire revealed organizations are not fully adopting security controls from key benchmarks, such as the Center for Internet Security (CIS).
The Open Web Application Security Project (OWASP) released the OWASP Top 10 – 2017. The new standard includes the ten most critical web application security risks. This is the first update since the 2013 version.
You may have wondered what application containers are, let alone how to secure them. The National Institute of Standards and Technology (NIST) sets out to explain the benefits and security concerns with application container technologies in the latest Special Publication (SP 800-190) Application Container Security Guide.
Insider threats can be malicious or inadvertant, but the consequences can lead to costly brand damage or significant financial losses to your company. Understanding the types of insider threats and corresponding risk indicators can help minimize impact and damage caused by such threats.
In case you missed it, the National Institute of Standards and Technologies (NIST) published a new guideline “An Introduction to Information Security” for individuals looking to get a better understanding of introductory information security best practices.
As worldwide cyber threats keep growing, cyber criminals are constantly adapting their methods to attack organizations and evade detection. Standing on our own against such malicious attackers, most organizations don’t have a chance without effective threat communication between the public and private sectors.
In a recent cyber threat report, McAfee provided some good intelligence on how cybercriminals use Mirai attacks to infect poorly configured Internet of Things (IoT) devices and turn them into bots used for large scale network attacks.