Life used to be simpler for security teams. In the legacy world, they had a clear understanding of the environment they needed to protect—typically the standard LAMP stack (Linux, Apache, MySQL, PhP). Within this straightforward, relatively static infrastructure, they could carve out a network layer all for themselves to implement the security technologies of their choice. They also had a direct line to vendors to discuss the security controls that needed to be implemented. But in the age of DevOps and cloud, things just don’t work this way anymore. Four key changes have left security teams struggling to protect applications and organizations.
In order to remain resilient and meet the emerging priorities around effective supplier management, improved business continuity planning, and increased community engagement, business leaders need to assess and benchmark their performance around three core areas of organizational resilience: operational resilience, supply chain resilience, and information resilience.
Human error contributes to almost 95% of security breaches. Most security approaches still fail at making a desired impact. Let’s analyze the two main reasons why businesses fail to develop a robust, human-centric security approach.
While the flexibility granted to remote workers is game changing, employers have new concerns about the security of a hybrid setup. COVID-19 vaccinations are now within reach for a majority of Americans, meaning enterprises need to re-examine the remote office model many were forced to adopt over the past year. Experts anticipate that a hybrid work model with an equal number of workers in office and remote to be the new model of choice.
If you’d like to learn how your enterprise can re-tool security strategies and ensure security for both remote and in-office employees, keep reading on for a conversation with cybersecurity expert Brent Johnson, CISO at Bluefin, on how leadership can address security challenges specific to a hybrid work model.
Supply Chain Risk is more pertinent now that digital transformation initiatives are the norm. In a recent Ponemon study, 82% of respondents believe their organization experienced at least one data breach due to digital transformation. At the same time, 55% said with certainty that at least one of the three breaches was caused by a third party. Reporting on SCRM and gaining visibility into the cyber risk across third parties is critical to the security of both small and large organizations, especially in the digital age we live in.
Take a look at the threat landscape in Asia as the COVID-19 pandemic continues, vaccination programs start or continue, and geopolitical tensions evolve.
Meet Max Vetter, Chief Cyber Officer of Immersive Labs. Before joining Immersive Labs, Vetter spent seven years working with the Metropolitan Police Service as a police officer, intelligence analyst, and covert internet investigator. After leaving his career in law enforcement, he trained the private sector and government agencies in ethical hacking and open source intelligence, specializing in darknets and cryptocurrencies. This included three years of teaching at the GCHQ Cyber Summer School. Here, we speak to Vetter about emerging threats in the cybersecurity space and general security trends he has been noticing throughout the industry.
OpenText acquired Carbonite and Webroot in December 2019, helping expand the company’s cyber resilience portfolio and strengthening its comprehensive information management offering. As it happens, the acquisition could not have come at better time. By the end of March 2020, 98% of OpenText’s global workforce of more than 14,000 had pivoted to remote work due to COVID-19. OpenText, like so many others, had to adapt to the new normal and find a way to protect the data and devices that were now well beyond the company network and firewall.
Data breach and privacy incidents occur daily at organizations of all sizes. It happens all too frequently. And while it is obvious that breaches continue impacting hundreds of thousands of lives, legal and compliance teams are not always brought in to manage each breach. With increased focus from regulators and law enforcement agencies to ensure organizations fulfill their obligations for post-breach notifications, legal teams can help quickly coordinate internal processes, and take swift action to begin the process of remediating damage and initiate immediate legal steps to protect the enterprise, and comply fully with all regulatory obligations. Here, we talk to AJ Samuel, co-Founder and Chief Product Officer at Exterro, about the many benefits of retaining legal counsel, who can better protect the integrity and confidentiality of the incident response.
Many companies are struggling to adapt their security strategy to accommodate the new normal. With remote working now an ongoing reality, there has been a rush to adopt and integrate a slew of new tools and cloud platforms to facilitate collaboration and maintain productivity. However, in the race to connect everyone, security implications are often overlooked. This, coupled with the fact that relying solely on a corporate firewall is no longer a sound security strategy, puts many organizations at risk.
So, what should companies do now to adjust their security strategy? Here are five factors to adhere to that will prevent cybercriminals from taking advantage of the virtual business environment.