Integrated solutions using advanced analytics and artificial intelligence (AI) bring expanded functionality and enhanced security to swinging doors and turnstiles
While artificial intelligence (AI) is becoming an integral part of business operations in myriad market segments around the globe, security applications have been slower to adopt it into the mix. However, the added health risks organizations now face from COVID-19 have forced both security solutions providers and users to rethink how AI can help mitigate those risks.
Enterprise security teams need the ability to see, and they need good sound—sound that is clear, intelligible, and understood, every time. Only then can security teams acquire actionable business intelligence, increase operational efficiency, and mitigate safety and security risks. What are some examples within enterprise security where “good sound” and high-definition audio can help security teams to reduce security risks?
Almost every American adult knows that cyberattacks and breaches are ubiquitous and have primarily targeted companies and government entities. They might even know that the single most common breach these days is ransomware, a malicious process by which hackers dismantle computer systems and don’t fix them until a ransom is paid. Few, however, are aware that ransomware is targeting a new set of highly vulnerable victims en masse. In recent months, the majority of successful ransomware attacks have struck K-12 schools nationwide, casting a whole new light on the number of Americans highly susceptible to a cyberattack.
News quickly spread about a vulnerable call recording app for iPhone named “Call Recorder,” or “Acr call recorder,” as its listing in the Apple App Store states. TechCrunch was the first outlet to flag a design flaw with the mobile application’s API when it obtained call recordings from AWS S3 cloud storage to prove it was insecure and therefore open to API-based attacks. The weaknesses exhibited by the mobile app represent a vital shift occurring in cybersecurity towards the importance of the protection and hardening of APIs. From this instance alone, we can learn a number of valuable lessons as API attacks are set to rise drastically this year. Most of the issues in the Call Recorder vulnerability map directly to the OWASP API Security Top 10, a list that captures the most common API mistakes. This document is a great reference for DevOps and security teams that are looking to implement strong API security that can be applied to both web and mobile application systems, including those in the cloud.
5G, as often happens with new technologies, will likely introduce both digital and business revolution along with a plethora of new threat vectors. In particular with the exposure of new connected devices, industries and services, and sensitive assets will undoubtedly be affected by new cyber threat agents; the EU, however, is ready to mitigate these potential threats.
As we continue to embrace hybrid work, chief information security officers (CISOs) and compliance teams are wading through and in some cases even overlooking many different areas related to collaboration security. We’ve highlighted the top three areas of risk in this post which should keep CISOs awake at night. The remote workplace continues to evolve at lightning speed, and so too should CISOs – or risk sensitive materials ending up in the wrong hands.
While a number of useful countermeasures are being taken across corporate boards, progress remains relatively slow in the face of borderline existential threats. Not so long ago, companies thought of cybersecurity as a technology problem to be overseen by the chief security officer or the chief information officer, or as a compliance issue to be managed with audit functions. Today, thankfully, a more holistic, proactive and analytical approach is generally taken. There is more security training and better hygiene and most boards now count a seasoned CISO as one of their directors.
Ransomware is one of the most prominent cybersecurity threats organizations face today. Any institution or company (small or large) can fall victim to ransomware – including schools, healthcare providers, educational facilities, non-profit entities, and government agencies. Cybercriminals that deploy ransomware attacks do not discriminate. Thankfully, there are ways to protect your organization from ransomware attacks. In this article, you’ll discover everything you need to know about ransomware as a chief information security officer (CISO), from its evolution to preventative methods to prevention.
A coordinated response effort from museums and cultural heritage institutions enable security directors to continue to ensure the security of their collections and facilities.
To maintain a unified security and safety operation during closure, many museums and cultural heritage institutions have relied on tried-and-true security and risk management practices, and repurposed their time and energy to reassess, monitor and explore additional risk-mitigation measures to safely reopen and welcome the public back through their doors.
Life used to be simpler for security teams. In the legacy world, they had a clear understanding of the environment they needed to protect—typically the standard LAMP stack (Linux, Apache, MySQL, PhP). Within this straightforward, relatively static infrastructure, they could carve out a network layer all for themselves to implement the security technologies of their choice. They also had a direct line to vendors to discuss the security controls that needed to be implemented. But in the age of DevOps and cloud, things just don’t work this way anymore. Four key changes have left security teams struggling to protect applications and organizations.