Small and midsize companies don't need to spend money on expensive security products, says cybersecurity consultant Nic Miller, but they must consider several critical factors as they devise their strategies.
Last week, security researcher Bill Demirkapi said that Trend Micro used a trick to get one of its drivers to pass Microsoft's approval process. Trend Micro has withdrawn the driver and says it's working with Microsoft on incompatibility issues that are unrelated to the researcher's findings.
A federal watchdog agency has established key goals and objectives - including protecting the security of IT infrastructure as well as combating fraud - that drive its oversight of the Department of Health and Human Services' COVID-19 response and recovery activities.
"Risk acceptance" was the operative term as organizations quickly deployed remote workforces in response to the global crisis. But now, as this deployment becomes a long-term option, enterprises need to take a future-focused view toward identity, cloud, and the attack surface. Forcepoint's Homayun Yaqub offers tips.
U.S. facilities that produce, use or store hazardous chemicals are vulnerable to cyberattacks, in part because cybersecurity guidelines from the Department of Homeland Security are outdated, according to a recent GAO audit.
The increasing use of internet-connected devices in manufacturing facilities is opening up new ways for hackers to target so-called "smart" factories with unconventional attack methods, according to an analysis by security firm Trend Micro and the Polytechnic University of Milan.
Security teams are dealing with more vulnerabilities than they can handle. Spreading these limited resources too thin can quickly lead to inefficiency and burnout. Don't waste precious time remediating vulnerabilities that pose little to no risk.
With risk-based vulnerability management, you'll know exactly which...
The Covid-19 crisis has forced businesses of all sizes around the world to change operations in a variety of unprecedented ways.
To navigate and halt the spread of the pandemic, organizations have adopted strict remote work policies where employees have to maintain work and productivity from the confines of their...
In honor of World Password Day, here's a task for every organization that uses remote desktop protocol: Ensure that all of your organization's internet-facing RDP ports have a password - and that it's complex and unique.
Authenticate users for any application, any directory and any situation
Identity and access management is a key foundational technology that can make or break a business' digital transformation initiatives. Identity ensures that digital interactions are secure and seamless across the enterprise, and a...
The Zero Trust hype train is in full swing. It seems as though every vendor is touting a complete solution or silver bullet. The truth is that achieving "full" Zero Trust with any single technology is simply not possible. However, there are some practical steps that can move your organization towards a Zero Trust...
Forget "whitelists" and "blacklists" in cybersecurity. So recommends Britain's National Cyber Security Center, in a bid to move beyond the racial connotations inherent to the terminology. Henceforth, NCSC - part of intelligence agency GCHQ - will use the terms "allow list" and "deny list." Will others follow?
Because the COVID-19 pandemic had led to more employees working from home, cloud services have become indispensable, but the pressure is on organizations to ensure security, says Jim Reavis, CEO of the Cloud Security Alliance.
You can't defend your systems against risks you don't know about, so the first step in any security program should be to document the risk-facing systems, projects, or processes..
A well-run risk assessment process accomplishes this by examining the impact each risk poses on organizational goals, the prevalence of...