Request a Demo
Welcome to the Cygilant Blog

Technology: 1/3 of the Battle

Posted by Mike Leonard on Feb 12, 2018

I spent the first few years of my career as a financial advisor and hated every day.  It was boring, slow paced, and confusing to customers.  Two words to describe asking grandma about her annuity over every holiday dinner: not fun.  So in 2012, I joined the fast-paced, ever-changing world of cybersecurity.  Over the past six years, I have held a number of sales roles, both in leadership and as an individual contributor.  I have found it – thankfully – to be the exact opposite of the finance world… except when it comes to the confusion in the market.

How to Craft an Effective Data Security Plan

Posted by Security Steve on Aug 2, 2016

A data security plan is an organization's framework for employing security tools to make sure digital information is accurate, reliable, and available when those with authorized access need it—and not those without authorized access, such as malicious hackers. There are a few basic steps involved in assembling a quality data security plan:

How to Build a Successful Information Security Program Regardless of the Talent Shortage

Posted by Security Steve on Jul 18, 2016

 

As the field of cybersecurity explodes, it becomes harder for corporations to attract the talent they need. To make matters worse, there's a shortage of qualified cybersecurity professionals. According to an ESG research report, 44% of organizations are short-staffed in cybersecurity, and an ISACA study found that 35% have open cybersecurity positions they're unable to fill. In this challenging hiring market, how can you attract the talent you need to stay safe?

Financial Institutions: Tips for Strengthening Your Cybersecurity Program

Posted by Security Steve on May 20, 2016

Banks, credit unions, and other financial institutions face major challenges when protecting financial data in today’s threat landscape and must also deal with compliance mandates for GLBA, FFIEC, SOX, PCI, and a patchwork of federal, state, and other industry regulations. For example, In March of this year, the National Futures Association enacted its Cybersecurity Interpretive Notice to help structure and strengthen members’ information security programs. These guidelines suggest that each member firm establish a written governance framework, assess and prioritize IT risks, defend specifically against identified threats and vulnerabilities, create incident response plans, and provide continuous employee training. These guidelines build on the SEC’s Cybersecurity Examination Initiative conducted by the Office of Compliance Inspections and Examinations (OCIE), which focus on six key areas in its audits:

  • Cybersecurity Governance and Risk Assessments
  • Access Rights and Controls
  • Data Loss Prevention (DLP)
  • Vendor Management
  • Cybersecurity Incident Response
  • Cybersecurity Awareness & Training

It's Time to Reconsider These Overused (and Outdated) Security Techniques

Posted by Vijay Basani on May 4, 2016

 

Many companies today tend to employ certain familiar cybersecurity solutions that were once sufficient in the past but are now outdated. These answers may have worked decades ago, when breaches were less common and cybersecurity was the province of an elite few, but now cyber attackers are far more numerous and far more advanced. Yesterday's advice no longer protects firms from costly data compromises. Here are three outdated techniques, and what organizations should be doing instead.

Why Your Board of Directors Needs a CIO As a Member

Posted by Shawn O'Brien on Jan 14, 2016

You don’t have to be a cyber security expert to realize that the digital world is under immense pressure to defend against sophisticated cyber attacks. The significant data breaches in 2015 alone -- to organizations such as Ashley Madison, Premera, Anthem, Office of Personnel Management, and the IRS -- are a scary reminder that no one is safe and that everyone needs to improve their cyber security posture. There's no better time than now to start shifting the balance of cyber security intelligence back into the hands of the “good guys.”

Savings vs. Security: The Costs of Sacrificing Cybersecurity

Posted by Security Steve on Nov 30, 2015

Coerced by the pressures of competition, businesses have to carefully weigh the value of every minute and every expense, seeking to maximize productivity and minimize expenses. In such a stressful environment, it can be easy to disregard the necessity of cybersecurity. If a company has not suffered a data breach in the past, it may not encounter one in the future—or so the thinking goes. But when security is sacrificed, any gains are likely to be short-lived, leading to serious consequences.

The Illusion of Speed

Cybersecurity takes time to put in place. Hiring an auditing team, for example, to evaluate all of the risks your company faces means you must schedule precious time to meet with the auditors, to decide what to do about their recommendations, and then implement them. It’s understandably easier to forget such tasks in favor of the familiar challenges of regular work.

6 Reasons You Should Outsource Your Security Monitoring

Posted by Kevin Landt on Aug 18, 2015

 

“Jack of all trades, master of none” is not a figure of speech not everyone relishes having aimed at them. You go out of our way to deepen your skill sets and experience so that you can do things others can’t. In spite of this, many of IT organizations yield to the temptation to keep all security functions in-house despite lacking the time or resources.

It's wise to have someone inside your business whose job is to be aware of the security environment and maintain security controls. To freight that person, or small team, with keeping current on every new threat and with measures for their detection, isolation and destruction is asking far too much of both your people and your organizational chart.

A Good IT Guy Is Hard To Find

Posted by Security Steve on Apr 24, 2015


Although employer demand for cybersecurity talent has grown steadily since 2007, several recent high-profile computer-hacking and data breach occurrences are pushing that need to new levels according to a 2014 study by the RAND Corp. The report, “Hackers Wanted: An Examination of the Cybersecurity Labor Market,” found that a growing nationwide shortage of qualified cybersecurity professionals could threaten the business operations of millions of private-sector employers.  

3 Trends in IT Security for 2014

Posted by Vijay Basani on Dec 18, 2013


With the end of the year coming to a close, we here at EiQ Networks have been keeping our ears open listening to the IT security space and analyzing what we feel are going to be the three biggest trends to watch out for in 2014.

Subscribe to Email Updates

Experience how Cygilant SOCVue and 24x7 GSOC Team can help detect threats, prioritize vulnerabilities and apply patches.

Request a Demo

Most Popular Posts

Posts by Topic

See All