I spent the first few years of my career as a financial advisor and hated every day. It was boring, slow paced, and confusing to customers. Two words to describe asking grandma about her annuity over every holiday dinner: not fun. So in 2012, I joined the fast-paced, ever-changing world of cybersecurity. Over the past six years, I have held a number of sales roles, both in leadership and as an individual contributor. I have found it – thankfully – to be the exact opposite of the finance world… except when it comes to the confusion in the market.
This week, as the World Economic Forum (WEF) met in Davos, Switzerland, cybersecurity took a key spot on the agenda. The World Economic Forum announced plans Wednesday for a new Global Centre for Cybersecurity. “The new Global Centre for Cybersecurity is designed as the first platform to tackle today’s cyber risks in a truly global manner,” Alois Zwinggi, managing director for the WEF, told CyberScoop. The new group is intended to facilitate increased public-private collaboration and information sharing on cyber threats. “Only through collaboration, information exchange and common standards can the global community successfully counter organized digital crime,” said a press release from the organization.
With 2018 approaching fast, you will be thinking about your IT and security projects for the next year. Many amazing open source tools have been developed and matured over the past couple of years that will help you both be more secure and make your job easier. We have picked five top open source tools that can automate and help secure your IT infrastructure, preparing your organization for future success and compliance.
Are you looking to take your cybersecurity program to the next level? One of the most important steps in maturing your security program is moving to a dedicated team responsible for managing cyber risk.
Many organizations try to get by with someone on the IT team wearing the security hat. However, most recognize that this is only a temporary stage that will need to be addressed for several reasons:
As you are coming back from the Thanksgiving weekend and looking forward to the holiday season with friends and family we wanted to take a moment to explain what we are thankful for at Cygilant.
As many know, security information and event management (SIEM); the part of a cybersecurity program that analyzes real-time events and alerts triggered by software or devices has been around quite some time. At Cygilant we have spent over a decade building a platform for analyzing SIEM data. It was not an easy task. As many in the security industry know, working with SIEM data is no small undertaking. So, to say we are very thankful for vendors and technologists that continue to develop and support SIEM is an understatement.
The first and most important action is to educate users of the systems. Most ransomware and cyber-attacks, in general, rely on a user taking an unintended action; commonly a user executes a seemingly normal but nefarious file. Because of this attack vector users should be wary of unsolicited emails, especially ones with attachments and links. To take this one step further users should know what types of files and operations commonly make changes to their systems. This will help them understand when changes are normal or something out of the ordinary is attempting to make changes. To name a few, for example, users of windows machines might want to investigate exe, msi, bat, or ps1 file types prior to executing them.
If you follow cybersecurity news, you’ve been seeing DMARC come up a lot recently, with reports that DHS will be looking at federal agency use of DMARC, vendors lagging on implementing DMARC, and calls for organizations to finally stamp out fake emails. But what is DMARC, and how does it differ from SPF and DKIM? What protection does DMARC offer?
Chances are the content of this article traversed some wireless network prior to being displayed on the device you are using (or prior to being printed out for you hard copy purists). However, today we learned the WPA2 (WiFi Protected Access II), is vulnerable to key reinstallation attacks. For the past 14 years, WPA2 has been considered the industry standard for maintaining a secure wireless network for personal and enterprise connectivity. What makes this newly released vulnerability different than the recent security headlines is this attack is not leveraging unpatched software or a company’s implementation of technology. This attack actually exposes flaws in the protocol specification (standard) itself; meaning all implementations of the standard are (likely) also vulnerable.