Request a Demo
Welcome to the Cygilant Blog

Cybersecurity Hiring and Skills Gap is Still a Challenge

Posted by Trevan Marden on Jul 18, 2018

A report from Gartner announced this week on DarkReading found that nearly one out of three companies don’t have on-staff cybersecurity expertise. Gartner research director Rob McMillan and principal research analyst Sam Olyaei compiled the 2018 CIO Agenda Survey from over 3,000 respondents the article said. And while more organizations have cybersecurity staff than previous years, one third are still lacking a dedicated resource.

WPA3 Is Coming. How Should Your Security Program Change?

Posted by Trevan Marden on Jul 3, 2018

By now, you’ve likely heard that the next wireless security protocol has been announced by the Wi-Fi Alliance. WPA3, builds on previous Wi-fi Protected access standards and is designed to address issues with encryption in the previous standard (such as the KRACK exploit on WPA2 revealed late last year). The new standard will utilize 192-bitencrpytion and Opportunistic Wireless Encryption (OWE) which will ensure communications between router and device each use their own encryption keys, rather than sharing data. There are also new protections against dictionary attacks. The standard is not likely to be broadly adopted until 2019 and may require new hardware if updated firmware is not issued for existing devices.

What to Know About FFIEC Compliance

Posted by Trevan Marden on May 18, 2018

The Federal Financial Institutions Examination Council (FFIEC) provides cybersecurity standards and auditing for financial institutions and regulatory bodies including: The Board of Governors of the Federal Reserve System (FRB), the Federal Deposit Insurance Corporation (FDIC), the National Credit Union Administration (NCUA), the Office of the Comptroller of the Currency (OCC), and the Consumer Financial Protection Bureau (CFPB).

Automation Can’t Replace Role of People in Security

Posted by Trevan Marden on May 8, 2018

This week, an article on DarkReading served as a good reminder that technology alone can only take us so far in the fight against cyber threats. The role of trained security staff cannot be simply replaced by automation.

Increase ROI with Managed Security Services

Posted by Trevan Marden on Apr 6, 2018

When resources are unlimited, you can afford wasteful spending. But for most organizations with limited IT budgets and too few staff, it’s important to invest your security spend wisely. This means finding the ways to stretch your dollar further and get better value out of your investments. You can’t afford to waste money on solutions that are never deployed or require staff you don’t have to manage.

The Disconnect Between CIO, IT Manager, and Security Engineer

Posted by Chris Durocher on Apr 2, 2018

I’ve spent the past few years calling into CIOs, IT Managers, or Security Engineers discussing where their security program is today and what they would like it transformed too. Even though you probably dread the sight of an unknown number, my favorite part of my position is being a facilitator of conversation as well as understanding the focus of all parties involved. What I’ve come to realize is the disconnect that often exists within the security team and the individual goals differ position to position.

7 Signs You Should Invest In Security As A Service

Posted by Miguel De Los Santos on Mar 20, 2018

As a Solutions engineer, we have the privilege of listening to mid-sized and large organizations that are struggling to keep up with the ever-changing cyber security landscape. This blog post will provide insight and hopefully educate those with one or more of the following signs that a Security as a Service was needed yesterday.

Let’s pause though. What is Security as a Service? This is a software-as-a-service security program that comprehensively identifies threats, helps mitigate risk and meet compliance. Generally, this is comprised of a balance between People, Process, and Technology.

 

How to Get a 24x7 SOC Team Without Hiring

Posted by Trevan Marden on Mar 16, 2018

Is your team overwhelmed and under-resourced? Extend your team and gain a 24x7 SOC without hiring for a single new position. Given the shortage of security talent in the market today, it can be extremely difficult to hire and retain qualified staff even if you have the resources. For those who don’t, it can be near to impossible. 

Thinking About Security as a Service? 7 Reasons Why It's Time to Stop!

Posted by Kevin Landt on Mar 15, 2018

Have you been thinking about using Security as a Service to supplement your team? If any of the statements below apply to your company, it’s time to stop thinking about it and start a new approach that incorporates Security as a Service into your operations.

5 Things to Look for in a Security-as-a-Service Provider

Posted by Trevan Marden on Mar 2, 2018

Information security is becoming a competitive advantage in many industries, with companies that can be trusted with financial data and personal information becoming better able to attract and retain customers and partners. Security as a service allows resource-constrained organizations to keep a level playing field with larger enterprises. Instead of a large upfront fixed cost for software such as SIEM, personnel hiring and professional integration services, security as a service spreads those costs over the subscription period. This model can provide more flexibility when budgeting IT expenditures. The scarcity of trained security professionals makes hiring trained staff in-house difficult. With security as a service, you can often receive around-the-clock security coverage for less than the cost of staffing one shift in-house.

Subscribe to Email Updates

Experience how Cygilant SOCVue and 24x7 GSOC Team can help detect threats, prioritize vulnerabilities and apply patches.

Request a Demo

Most Popular Posts

Posts by Topic

See All