dcsimg

Actions CISOs Must Take to Overcome Negative Perceptions

Chief Information Security Officers (CISOs) shoulder tremendous responsibility. They’re ultimately responsible for their company’s cyber security posture. At the same time, the security decisions they make also impact core business metrics such as productivity, cost savings, revenue growth, and brand perception. The world of today’s CISOs is a balancing act. On one hand, they are “enforcers” of … [Read more...]

Up, up and to the Clouds: Cloud Computing 101

The cloud has always been this mysterious place—many companies embraced it and put everything they could into the cloud, while others watched cautiously from a distance, wondering whether they should do the same. Before taking you on the journey to the cloud, let’s answer the question “What is the cloud, exactly?” Clearly, it’s been a source of confusion. In fact, many still point up when they use … [Read more...]

The Future of Passwords and Password Management in the Enterprise

Passwords have been around for decades now, and they aren’t going away any time soon. And yet, password security best practices have been ignored by many. Too many people and companies are careless with password management, even though they know that a single password in the wrong hands can lead to disastrous consequences. Tempted to keep your head in the sand and hope for the best? This is your … [Read more...]

Least Privilege Uncovered

Organizations around the world are challenged by an ever-growing cyber threat landscape and are experiencing serious cyber fatigue. Their employees are dealing with constant information overload about cyber attacks, ransomware, identity theft and phishing scams. Employees are exposed to risky behavior For years, employees across all departments in most organizations have habitually practiced risky … [Read more...]

Back to the Basics: Service Account Management 101

Service accounts don’t have to be a nightmare. Get in control now.  Service accounts are typically used in operating systems to execute applications or run programs, either in the context of system accounts (high privileged accounts without any password) or a specific user account, usually created manually or during software installation.  On Unix and Linux they are often known as init or inetd, … [Read more...]

5 Spooky Privilege Security Mistakes that Will Haunt Your Organization

It’s a dark and stormy night. Suddenly your system locks up. Then you get a message, demanding online payment to release your sensitive data back to you. Unfortunately, this isn’t a Halloween prank. Ransomware is on the rise and organizations of all types are falling victim. Your risk of cyber-attack exponentially increases if you’ve made any of the mistakes below. The good news is that all these … [Read more...]

(SSH) Keys to Unix Security

Root accounts are the keys to powerful IT systems, the backbone of your entire infrastructure. They use privileged credentials to control shell access, file transfers, or batch jobs that communicate with other computers or apps, often accessed remotely, with local configuration. They can be the trickiest of all types of privileged accounts to secure, particularly if they are based on Unix or … [Read more...]

Ostriches, Zero Day Exploits, and the Elusive CyberSec Expert: Why SMBs Should Implement Cloud-Based PAM

Small and medium-sized businesses (SMBs) face a cyber security trifecta. Cyber criminals are increasingly targeting the most vulnerable businesses (not just the biggest fish). Sophisticated attackers quickly take advantage of newly revealed vulnerabilities. And, cyber security professionals are in short supply. Maybe SMBs aren’t aware that they can use the same types of security systems as larger … [Read more...]

Incident Response: Are You Breach-Ready?

It’s no longer rare to see cyber-attacks in the daily news. From ransomware to data breaches to DDoS (Distributed Denial of Service) attacks, the incident is usually attributed to either cyber criminals or nation states, and almost always comes from beyond our own country’s borders and laws. Because of this, we worry about clicking on a web page or opening an attachment in an email, never … [Read more...]

Back to the Basics: The problem with forcing regular password expiry

For many people and organizations around the world a single password is sometimes the only security control protecting their sensitive information, access to email and even their bank account. The traditional password best practice was to create a long, complex password that only you would know, and it protected one or two accounts; you likely used it to sign into Active Directory or email … [Read more...]