Risk Management January 12, 2023

Now You SIEM, Now You Don’t —Six Failures of Cybersecurity

4 min read - Security information and event management (SIEM) frameworks are essential for enterprises to monitor, manage and mitigate the impact of evolving cyberattacks. As the number of threats and the financial impact of breaches increase, these frameworks are even more crucial. Consider…

Government January 3, 2023

How Can the White House’s New IoT Labels Improve Security?

3 min read - The White House’s National Security Council (NSC) is working on an ambitious project to improve consumer Internet of Things (IoT) security through industry-standard labeling. If successful, the labeling system will replace existing frameworks across the globe. Modeled after the EPA’s…

Network August 23, 2022

Beyond Shadow IT: Expert Advice on How to Secure the Next Great Threat Surface

4 min read - You’ve heard all about shadow IT, but there’s another shadow lurking on your systems: Internet of Things (IoT) devices. These smart devices are the IoT in shadow IoT, and they could be maliciously or unintentionally exposing information. Threat actors can…

Application Security March 22, 2022

IoT Security and the Internet of Forgotten Things

4 min read - In 2017, the number of connected devices surpassed the world’s human population. That’s a lot of things. However, many of them were not built with security in mind. It didn’t take long for attackers to take advantage of Internet of…

Risk Management January 28, 2022

When it Comes to Stopping IoT Security Camera Breaches, Focus on Procurement

4 min read - Earlier this year, an enterprise security camera system maker suffered a data breach. The incident, which involved the compromise of a Jenkins server, enabled a group of attackers to bypass the company’s authorization system, including its two-factor authentication processes. Those…

Incident Response January 6, 2022

Cyber Awareness 2022: Consider Deepfakes, NFTs and More

4 min read - From deepfakes to crypto crime to in-flight drone-based data theft, cyber awareness in 2022 will look a bit different. Good cyber awareness means knowing these risks, even if some of them sound stranger than science fiction. Cyber Awareness and Deepfake…

Incident Response December 10, 2021

IoT Security: Protecting Food and Agriculture Organizations

3 min read - Ransomware actors are targeting food and agriculture organizations, potentially disrupting business. Luckily, there are already formal structures in place to boost the IoT security defenses they need. Knowing them keeps the lifeblood of industrial farms and food delivery going. Businesses…

Identity & Access December 9, 2021

IAM OT Security Risks Call for Strategic Defenses

5 min read - Today’s technology requires today’s identity and access management (IAM). In the past, operational technology (OT) systems were physically and logically separated from a company’s enterprise corporate business environment and the external world. That served as a control to protect them…

Incident Response November 19, 2021

How to Design IoT Security From the Ground Up

4 min read - The Internet of Things (IoT) is a powerful boon to business. But it also represents a massive potential expansion of the cybersecurity attack surface. So far, IoT inclusion in many organizations has been poorly organized, haphazard and poorly planned. This…

Application Security September 29, 2021

What Video Doorbells Have to Teach Us About the Difficulties of IoT Security

4 min read - The Amazon-owned smart home product manufacturer Ring recently announced that it’s strengthening the security of its Internet of Things (IoT) motion-detecting doorbell cameras by offering end-to-end encryption (E2EE) for streaming video footage. There’s a catch, though. Users who opt to…