Welcome to the Cygilant Blog

4 Things to Look for in a Patch Management Solution

Posted by Trevan Marden on Aug 3, 2018

All too often, the cause of the major breaches we see in the news is an organization's failure to patch a software vulnerability for which a patch has long been available. As a result, more and more organizations are looking for solutions that make identifying and deploying patches easier and more automated. If you’re looking for a patch management solution, here are four things to consider:

Blackhat 2018: What to Expect

Posted by Jack Gill on Jul 20, 2018

With Black Hat USA 2018 coming up in a few short weeks, it seems like a good time to unpack the results of their 2018 USA Attendance Survey. The survey was distributed to anyone who either attended the 2017 conference or expressed interest in visiting the 2018 session. The report covers topics from updated office policies on Facebook use to approval of President Trump, and these are the ones we at Cygilant thought were the most important. We are most interested to know how information security professionals are spending their time and what they’re not looking forward to combating in the next year.

Cybersecurity Hiring and Skills Gap is Still a Challenge

Posted by Trevan Marden on Jul 18, 2018

A report from Gartner, covered this week on DarkReading, found that nearly one out of three companies don’t have on-staff cybersecurity expertise. Gartner research director Rob McMillan and principal research analyst Sam Olyaei compiled the 2018 CIO Agenda Survey from over 3,000 respondents, the article said. And while more organizations have cybersecurity staff than in previous years, one third are still lacking a dedicated resource.

WPA3 Is Coming. How Should Your Security Program Change?

Posted by Trevan Marden on Jul 3, 2018

By now, you’ve likely heard that the next wireless security protocol has been announced by the Wi-Fi Alliance. WPA3 builds on previous Wi-Fi Protected Access standards and is designed to address issues with encryption in the previous standard (such as the KRACK exploit on WPA2 revealed late last year). The new standard will utilize 192-bit encryption and Opportunistic Wireless Encryption (OWE), which will ensure communications between router and device each use their own encryption keys, rather than sharing data. There are also new protections against dictionary attacks. The standard is not likely to be broadly adopted until 2019 and may require new hardware if updated firmware is not issued for existing devices.

What to Know About FFIEC Compliance

Posted by Trevan Marden on May 18, 2018

The Federal Financial Institutions Examination Council (FFIEC) provides cybersecurity standards and auditing for financial institutions and regulatory bodies, including the Board of Governors of the Federal Reserve System (FRB), the Federal Deposit Insurance Corporation (FDIC), the National Credit Union Administration (NCUA), the Office of the Comptroller of the Currency (OCC), and the Consumer Financial Protection Bureau (CFPB).

Automation Can’t Replace Role of People in Security

Posted by Trevan Marden on May 8, 2018

This week, an article on DarkReading served as a good reminder that technology alone can only take us so far in the fight against cyber threats. The role of trained security staff cannot be simply replaced by automation.

Increase ROI with Managed Security Services

Posted by Trevan Marden on Apr 6, 2018

When resources are unlimited, you can afford wasteful spending. But for most organizations with limited IT budgets and too few staff, it’s important to invest your security spend wisely. This means finding the ways to stretch your dollar further and get better value out of your investments. You can’t afford to waste money on solutions that are never deployed or require staff you don’t have to manage.

The Disconnect Between CIO, IT Manager, and Security Engineer

Posted by Chris Durocher on Apr 2, 2018

I’ve spent the past few years calling into CIOs, IT Managers, or Security Engineers discussing where their security program is today and what they would like it transformed to. Even though you probably dread the sight of an unknown number, my favorite part of my position is being a facilitator of conversation as well as understanding the focus of all parties involved. What I’ve come to realize is the disconnect that often exists within the security team, and that the individual goals differ from position to position.

7 Signs You Should Invest In Security As A Service

Posted by Miguel De Los Santos on Mar 20, 2018

As solutions engineers, we have the privilege of listening to mid-sized and large organizations that are struggling to keep up with the ever-changing cyber security landscape. This blog post will provide insight and hopefully educate those with one or more of the following signs that Security as a Service was needed yesterday.

Let’s pause, though. What is Security as a Service? It is a software-as-a-service security program that comprehensively identifies threats, helps mitigate risk, and helps meet compliance. Generally, it comprises a balance of people, process, and technology.

How to Get a 24x7 SOC Team Without Hiring

Posted by Trevan Marden on Mar 16, 2018

Is your team overwhelmed and under-resourced? Extend your team and gain a 24x7 SOC without hiring for a single new position. Given the shortage of security talent in the market today, it can be extremely difficult to hire and retain qualified staff even if you have the resources. For those who don’t, it can be near to impossible. 
