Request a Demo
Welcome to the Cygilant Blog

GDPR is Here. Are You Compliant?

Posted by Trevan Marden on May 25, 2018

GDPR (the General Data Protection Regulation) goes into effect today, May 25.  You’ve probably been receiving a stream of notifications from numerous companies announcing updated privacy policies or asking you to re-confirm your subscriptions to their email lists in light of the new regulations.  The regulation, adopted in 2016 in the EU and now going into effect, is intended to protect private party’s data and give EU citizens increased control over how their data is collected, used and stored. It’s important to recognize that the regulation does not apply only to businesses in EU member states, but to any organization who processes the personal data of EU citizens.

5 Great Open Source Tools to Automate and Secure Your Infrastructure

Posted by Lydia Dwyer on Dec 4, 2017

With 2018 approaching fast, you will be thinking about your IT and security projects for the next year. Many amazing open source tools have been developed and matured over the past couple of years that will help you both be more secure and make your job easier. We have picked five top open source tools that can automate and help secure your IT infrastructure, preparing your organization for future success and compliance.

A Tale of Two Security Vendors

Posted by John Linkous on Feb 28, 2017

Over the past two weeks, the security industry has seen some disclosures (or in one case, a half-disclosure) of vulnerabilities within their products.  In at least two of these cases, we know that these vulnerabilities could have led to a significant compromise of data and systems.  But what’s really interesting about these two vendors is how they responded to the discovery.

David and Goliath Redux

Posted by John Linkous on Feb 21, 2017

In the story of David and Goliath, an underdog managed to win a contest against a much larger, stronger foe.  Looking at the state of information security today, a David-and-Goliath scenario is very much present; except David is the small and midsize business (SMB) market, and Goliath is the marauding horde of attackers, malware and other bad actors trying to break their systems and steal their data.  And just like in the biblical tale, SMB organizations are dealing with an opponent who seems impossible to defeat.

Why a Cybersecurity Plan Should Be In Your 2017 Budget

Posted by Shawn O'Brien on Dec 28, 2016


Cybersecurity simply demands a portion of your yearly budget.

When planning out a budget for the new year, finding a place for cybersecurity can be difficult. You want to put that money toward new ventures, but you also know that a major breach can forever damage your reputation. 

To help those waffling between how much to put into digital defenses, let's review some of the biggest reasons having a plan is worth the time and money.

 

Top 3 Reasons to Outsource Your IT Security

Posted by Security Steve on Dec 21, 2016


Can an outside company help your organization's security infrastructure?

Many business leaders feel as if IT security should be a service that's kept in-house. While it's true that internal employees do need to be able to take steps to ensure the safety of company data, there are a host of advantages to allowing an experienced outside company to take the reins. 

So, what can your organization get out of outsourcing IT security? 

1. Your team may not be experienced enough

Although your IT employees are obviously very talented individuals, there's a good chance that cybersecurity isn't their main focus. While these workers surely know a good deal about this topic, it may not be enough to stop an impending cyberattack. 

Why It's Difficult For An IT Team to Monitor Cyber Threats

Posted by Security Steve on Nov 21, 2016


It's not easy to protect corporate computers from cyber attacks.

When you're trying to protect your home computer from cyber threats, what do you normally do? You probably download the latest malware program and update your firewall.

But IT security at the corporate level is much more complicated, costly and time consuming.

"IT security at the corporate level is complicated, costly and time consuming."

After all, if it was easy to protect systems, IT criminals wouldn't have gained access to the Trump Hotel Collection and stolen credit card information from 70,000 individuals. The Australian Red Cross wouldn't have faced a cyber breach that resulted in hackers gaining access to 550,000 blood donors' personal information. And Anthem health insurance systems wouldn't have had to deal with the fall out of a breach that exposed the personal information of nearly 80 million people.

What are the Most Common IT Security Vulnerabilities?

Posted by Vijay Basani on Nov 3, 2016


Companies must be prepared for even the most common IT security breaches.

Businesses must take IT security seriously because their financial future depends on it. IT security is a broad topic that covers a range of different fields.

Here we'll discuss common vulnerabilities and why companies must ensure their operational systems are well-protected from cybercriminals.

 

"Interjection vulnerabilities are one of the most common and oldest web application vulnerabilities."

1. Injection vulnerabilities

Interjection vulnerabilities, such as cross-site scripting and CRLF injection, are one of the most common and oldest web application vulnerabilities because it's easy for cybercriminals to access and affect (or infect) them.

3 Things About Cybersecurity Your Boss Wants to Know

Posted by Kevin Landt on Oct 25, 2016


Are CEOs aware of cybersecurity best practices? They should be.

Managers are versatile employees who understand how to run departments and motivate employees, but they may not always be the most well informed about cybersecurity. However, this isn't their fault!

 

The landscape of cybersecurity changes every day, and IT professionals must always stay on their toes to protect networks against new, advanced phishing and malware attacks. After all, cybercriminals are always on the lookout for new holes and weakness to exploit. Department managers simply don't have the time to run teams and IT security practices. 

 

IT professionals need to keep management well informed about new IT security protocols, updates, possible breaches, and actual attacks. In more detail, here are three things your boss wants to (or should know) about cybersecurity:

Breaking Down Yahoo IT Breach of 500 Million User Accounts

Posted by Shawn O'Brien on Oct 11, 2016


500 million Yahoo accounts were breached and possibly stolen in 2014.

IT security is a growing issue that companies must address before it's too late. For example, take Yahoo, which recently experienced what some are calling the biggest breach of all time, when cybercriminals stole information from 500 million user accounts.

 

"Yahoo believes that criminals stole an assortment of personal information."

Confirmed by Bob Lord of Cisco in a statement, Yahoo believes criminals stole an assortment of personal information from users, although it suggests unprotected passwords, bank account information and payment card data were left untouched.

Subscribe to Email Updates

Experience how Cygilant SOCVue and 24x7 GSOC Team can help detect threats, prioritize vulnerabilities and apply patches.

Request a Demo

Most Popular Posts

Posts by Topic

See All