Request a Demo
Welcome to the Cygilant Blog

WPA3 Is Coming. How Should Your Security Program Change?

Posted by Trevan Marden on Jul 3, 2018

By now, you’ve likely heard that the next wireless security protocol has been announced by the Wi-Fi Alliance. WPA3, builds on previous Wi-fi Protected access standards and is designed to address issues with encryption in the previous standard (such as the KRACK exploit on WPA2 revealed late last year). The new standard will utilize 192-bitencrpytion and Opportunistic Wireless Encryption (OWE) which will ensure communications between router and device each use their own encryption keys, rather than sharing data. There are also new protections against dictionary attacks. The standard is not likely to be broadly adopted until 2019 and may require new hardware if updated firmware is not issued for existing devices.

SOC as a Service is More Than Security Automation

Posted by Trevan Marden on Jun 29, 2018

I’ve written previously that Automation Can’t Replace People in a security program. This week, an article on DarkReading provided more data points on this topic. The shortage of skilled security talent is very real, with just 45% of organizations reporting their security teams were fully staffed according to a DarkReading survey earlier this year. According to a study by (ISC)2 also cited in  the article, the shortfall is projected to reach 1.8 million by 2022. As a result, organizations are struggling to hire the staff they need to secure their organizations.

Overcoming Cybersecurity Challenges with Managed Security Services

Posted by Trevan Marden on Jun 27, 2018

An article on SecurityWeek this week announced the results of the IDC Worldwide and U.S. Comprehensive Security Services Forecast, which showed that managed security services is the largest and fastest-growing of the segments they covered. The article points to two key drivers of this growth: growing complexity of Security Operations and an overwhelming volume of security incidents.

Understanding Cybersecurity Regulations for Banks

Posted by Trevan Marden on Jun 15, 2018

Banks are a prime target for cyberattacks. Banks store and utilize a large volume of confidential data surrounding their client’s personal information, account information, and other data.  For bank leaders, it’s important to understand the unique challenges and regulations you must meet to protect this data. Attacks may range from malware, phishing or DDoS, to sophisticated compound attacks that use multiple methods at once to infiltrate the organizations and compromise security. You must be prepared to prevent, detect, and remediate any potential security incidents. 

The Move Towards “Zero Trust” and the Need for Security Monitoring

Posted by Trevan Marden on Jun 13, 2018

In a recent article for Forbes, Dave Lewis recalls an experience earlier in his career in which the physical access controls to production servers were completely undermined by lack of proper network segmentation. In the article, he notes that traditional network segmentation is now being replaced with movement towards “zero trust.” The concepts of “inside the network” versus “outside the network” are melting away as organizations steadily move towards cloud-based and hybrid infrastructures.

Flash Player Vulnerabilities and Patch Management

Posted by Trevan Marden on Jun 8, 2018

It was reported yesterday that Adobe has once again issued a critical patch for it’s Flash Player browser plugin due to a vulnerability that is being actively exploited to deploy malicious software. We’ve written before about the dangers of Flash and even Adobe has announced it will end support for the software at the end of 2020. However, while many security-minded professionals have heeded the advice to remove or enable click-to-run for this plugin, others have not. Many organizations still rely on websites and software that utilize the plugin for needed functionality and can’t simply remove the software entirely.

Daily Security Briefing - June 8, 2018

Posted by Trevan Marden on Jun 8, 2018

Grab your coffee and read up on today's top information security stories and articles from around the web:

Daily Security Briefing - June 7, 2018

Posted by Trevan Marden on Jun 7, 2018

Grab your coffee and read up on today's top information security stories and articles from around the web:

Daily Security Briefing - June 6, 2018

Posted by Trevan Marden on Jun 6, 2018

Grab your coffee and read up on today's top information security stories and articles from around the web:

Daily Security Briefing - June 5, 2018

Posted by Trevan Marden on Jun 5, 2018

Grab your coffee and read up on today's top information security stories and articles from around the web:

Subscribe to Email Updates

Experience how Cygilant SOCVue and 24x7 GSOC Team can help detect threats, prioritize vulnerabilities and apply patches.

Request a Demo

Most Popular Posts

Posts by Topic

See All