Office 365 third-party risks and configuration guidance
A new security report highlights some of the risks organizations face when moving to the cloud and potential configuration vulnerabilities.
Cybersecurity Articles
CIS Controls Version 7.1 released
The Center for Internet Security (CIS) has released its new version 7.1 of the top 20 Critical Security Controls. The updated version includes new Implementation Groups designed to identify relevant CIS controls that are reasonable for an organization with a similar risk profile and available cybersecurity resources.
NIST SP 800-177 Revision 1: “Trustworthy Email”
The National Institute of Standards and Technology (NIST) has releases its Security Publication (SP) 800-177 Revision 1, that include security guidelines and recommendations for achieving “trustworthy email”.
Many organizations lacking adoption of key CIS controls
A recent survey conducted by Tripwire revealed organizations are not fully adopting security controls from key benchmarks, such as the Center for Internet Security (CIS).
OWASP Top 10 2017 Web Application Security Risks: What’s Changed?
The Open Web Application Security Project (OWASP) released the OWASP Top 10 – 2017. The new standard includes the ten most critical web application security risks. This is the first update since the 2013 version.
What Are Application Containers And How Do I Secure Them?
You may have wondered what application containers are, let alone how to secure them. The National Institute of Standards and Technology (NIST) sets out to explain the benefits and security concerns with application container technologies in the latest Special Publication (SP 800-190) Application Container Security Guide.
6 Important Safeguards To Stop Insider Threats
Insider threats can be malicious or inadvertant, but the consequences can lead to costly brand damage or significant financial losses to your company. Understanding the types of insider threats and corresponding risk indicators can help minimize impact and damage caused by such threats.
Introduction to Information Security: 11 Key Takeaways
In case you missed it, the National Institute of Standards and Technologies (NIST) published a new guideline “An Introduction to Information Security” for individuals looking to get a better understanding of introductory information security best practices.
5 Key Challenges Facing Cyber Threat Intelligence Sharing
As worldwide cyber threats keep growing, cyber criminals are constantly adapting their methods to attack organizations and evade detection. Standing on our own against such malicious attackers, most organizations don’t have a chance without effective threat communication between the public and private sectors.
IoT Cyber Attack Methods And Ways To Defend Them
In a recent cyber threat report, McAfee provided some good intelligence on how cybercriminals use Mirai attacks to infect poorly configured Internet of Things (IoT) devices and turn them into bots used for large scale network attacks.