In mid-December of this year, Cygilant was fortunate enough to participate in a great cause. Our building management team invited every company to participate in a Holiday Gift Drive for Children, through the Massachusetts Department of Children and Families. Once a company elects to participate in the drive and provides the number of employees participating, the building management sends a list of children who, due to circumstances out of their control, do not have any family to provide them gifts during the Holiday season. Each employee is given the child’s age, gift requests in order of need/desire and clothing size. Once the gifts are wrapped and labeled, Cygilant delivered them to the building management team, who will share them with the Social Workers and children.
Financial institutions face approximately 85 serious cyber attacks each year. Of these attacks, one-third succeed. While this may not seem like a large number, consider that these threats put people's money at risk each time.
Threats led to the introduction of the Federal Financial Institutions Examination Council (FFIEC). The FFIEC has created security guidelines since 1979. Security risks have changed and increased since the establishment of the guidelines.
That's why the FFIEC examination handbook gets updated regularly. These updates keep up with new risks and changing technology.
We’ve seen all too often that the cause of the major breaches we see in the news is failure by the organization to patch a software vulnerability for which a patch has long been available. As a result, more and more organizations are looking for solutions that help make the process of identifying and deploying patches easier and more automated. If you’re looking for a solution for patch management, here are four things to consider:
The quick answer is probably yes, wherever you can.
Google recently announced that since deploying physical security fobs to all of its employees, none had been successfully phished on work-related accounts. Google also announced plans to introduce its own hardware fobs – the Titan Security Key, although they look suspiciously identical to those currently offered by Feitian. This may be the endorsement needed to force greater support for the U2F standard which employs a physical fob to generate authentication tokens as a second factor.
Yesterday’s reports showed that Amazon AWS continues to grow rapidly--up almost 50% for the last quarter over the quarter the year before. This reflects the steady move by companies adopting cloud infrastructure to realize cost savings, and particularly companies choosing AWS to deliver these services.
Managed detection and response helps solve the needs of organizations who lack resources and enables organizations to better detect and respond to threats. MDR services complement an organization’s own IT or security team to help provide the extra eyes for 24x7 coverage along with security expertise and guidance for remediating potential security incidents that are detected. However, not all services provide the same features. So, it’s important to ask these four questions when looking at managed detection and response solutions.
With Black Hat USA 2018 coming up in a few short weeks, it seems like a good time to unpack the results of their 2018 USA Attendance Survey. The survey was distributed to anyone who either attended the 2017 conference or expressed interest in visiting the 2018 session. The report covers topics from updated office policies on Facebook use to approval of President Trump, and these are what we at Cygilant thought were the most important. We are most interested to know how information security professionals are spending their time and what they’re not looking forward to combating in the next year.
A report from Gartner announced this week on DarkReading found that nearly one out of three companies don’t have on-staff cybersecurity expertise. Gartner research director Rob McMillan and principal research analyst Sam Olyaei compiled the 2018 CIO Agenda Survey from over 3,000 respondents the article said. And while more organizations have cybersecurity staff than previous years, one third are still lacking a dedicated resource.
With so many data breaches in the news, organization everywhere are reviewing their cybersecurity programs to ensure they stay out of the headlines. Since many high-profile data breaches have been caused by unaddressed vulnerabilities for which patches were available, organizations are increasingly looking to deploy solutions to help close these gaps.
How does vulnerability management help prevent hacks?