It’s 1pm on a Tuesday. Do you know what’s going on in your cloud?
It’s that time again to reflect on the past year and look to the future. At Cygilant, we spent time predicting what’s to come in cybersecurity in 2020.
Cybersecurity is a hot-button issue for everyone —from the C-suite and board of directors to security professionals and business owners. It seems like every day a new company is in the headlines for suffering a data breach. Organizations of all sizes require 24x7x365 protection.
Updated October 2019
Although data privacy and data security are often used as synonyms, they share more of a symbiotic type of relationship. Just as a home security system protects the privacy and integrity of a household, a data security policy is put in place to ensure data privacy. When a business is trusted with the personal and highly private information of its consumers, the business must enact an effective data security policy to protect this data. The following information offers specific details designed to create a more in depth understanding of data security and data privacy.
As a Security-as-a-Service Agency, we get the benefit of seeing cybersecurity trends across industries. One of the hardest things we see clients tackling is what to focus on. Should you tackle new hacks, the talent crunch, meat and potatoes or the latest technologies?
No doubt every credit union will have heard of the Automated Cybersecurity Examination Tool (ACET). It’s the latest compliance requirement aiming to provide a repeatable, measurable and transparent process that improves and standardizes supervision related to cybersecurity in all federally insured credit unions. A Cybersecurity Agency delivering Security-as-a-Service can help credit unions with the people and repeatable process to meet ACET requirements.
As cyber attacks, alerts and patches increase and IT budgets and staff growth stay stagnant, how can you, an SMB IT security professional, keep up?
There is no doubt that security monitoring is important regardless or company size or industry. According to the respected Verizon 2019 Data Breach Investigations Report, “…we don’t see any industries flying completely under the radar. …everyone is vulnerable to some type of event.” The question is how to implement an effective program. Many companies jump into a project without considering managed security monitoring as an alternative to an in-house SIEM deployment.
How to Protect Against Credential Stuffing Attacks
It’s impossible to miss the reports of massive, high-profile data breaches. Adobe, Ancestry, Bitly, Comcast, Dropbox, Equifax, Google+, Marriott Starwood, T-Mobile, Ticketfly, LinkedIn, Yahoo and many other companies have leaked massive amounts of personal information, such as user names and passwords. But you may not be aware of what happens to this data after it’s been stolen.
Cybercriminals often purchase stolen data on the Dark Web. For example, on February 17, 2019, a hacker going by the name Gnosticplayers put eight hacked databases containing data for 92.75 million users on sale for 2.6249 bitcoins (about $9,300) on the Dark Web Marketplace known as Dream Market. Previously, the same hacker had posted a batch of 16 databases containing data for 620 million users and another batch of eight databases with data from 127 million users.
How Security-as-a-Service gives you a leg up in developing a comprehensive cybersecurity plan
If you’re one of the thousands of banks, mortgage companies, insurers and other financial service firms that do business in the state of New York, your deadline to complete the final phase of compliance with the New York Department of Financial Services (NYDFS) Cybersecurity Regulation is upon you.
On March 1, 2019, you are required to ensure that third-parties who access your customers’ private data have security protections in place. This measure comes on the heels of three previous sets of requirements, rolled out in phases beginning in March of 2017, designed to address today’s increasingly sophisticated cybersecurity threats.