Proper segregation of a network is one simple line of defense against malicious threats that is very effective. Even the latest security systems won’t always protect your network if it’s not properly set up and segregated into different role based sections. These different sections or VLANS are what help keep your network safe. When carved-out properly an attacker will have to traverse several roadblocks along the way. The key to a properly segregated network is multiple areas with different permissions and roles for each area. This will prevent an attacker who infiltrates the network in one area from obtaining information from another area.
I spent the first few years of my career as a financial advisor and hated every day. It was boring, slow paced, and confusing to customers. Two words to describe asking grandma about her annuity over every holiday dinner: not fun. So in 2012, I joined the fast-paced, ever-changing world of cybersecurity. Over the past six years, I have held a number of sales roles, both in leadership and as an individual contributor. I have found it – thankfully – to be the exact opposite of the finance world… except when it comes to the confusion in the market.
This week, as the World Economic Forum (WEF) met in Davos, Switzerland, cybersecurity took a key spot on the agenda. The World Economic Forum announced plans Wednesday for a new Global Centre for Cybersecurity. “The new Global Centre for Cybersecurity is designed as the first platform to tackle today’s cyber risks in a truly global manner,” Alois Zwinggi, managing director for the WEF, told CyberScoop. The new group is intended to facilitate increased public-private collaboration and information sharing on cyber threats. “Only through collaboration, information exchange and common standards can the global community successfully counter organized digital crime,” said a press release from the organization.
With 2018 approaching fast, you will be thinking about your IT and security projects for the next year. Many amazing open source tools have been developed and matured over the past couple of years that will help you both be more secure and make your job easier. We have picked five top open source tools that can automate and help secure your IT infrastructure, preparing your organization for future success and compliance.
Are you looking to take your cybersecurity program to the next level? One of the most important steps in maturing your security program is moving to a dedicated team responsible for managing cyber risk.
Many organizations try to get by with someone on the IT team wearing the security hat. However, most recognize that this is only a temporary stage that will need to be addressed for several reasons:
As you are coming back from the Thanksgiving weekend and looking forward to the holiday season with friends and family we wanted to take a moment to explain what we are thankful for at Cygilant.
As many know, security information and event management (SIEM); the part of a cybersecurity program that analyzes real-time events and alerts triggered by software or devices has been around quite some time. At Cygilant we have spent over a decade building a platform for analyzing SIEM data. It was not an easy task. As many in the security industry know, working with SIEM data is no small undertaking. So, to say we are very thankful for vendors and technologists that continue to develop and support SIEM is an understatement.
The first and most important action is to educate users of the systems. Most ransomware and cyber-attacks, in general, rely on a user taking an unintended action; commonly a user executes a seemingly normal but nefarious file. Because of this attack vector users should be wary of unsolicited emails, especially ones with attachments and links. To take this one step further users should know what types of files and operations commonly make changes to their systems. This will help them understand when changes are normal or something out of the ordinary is attempting to make changes. To name a few, for example, users of windows machines might want to investigate exe, msi, bat, or ps1 file types prior to executing them.