A Call for Congress to Prioritize Modernizing Government Technology

By Jack Huffard While we've already seen Congress engage in fierce debates over fiscal year 2018 funding, it's important to remember that there are bipartisan issues on the table. Upgrading and modernizing government IT systems is one such area that deserves continued focus. That's why we were pleased to see the Senate pass the 2017 National Defense Authorization Act (NDAA) with the Modernizing … [Read more...]

Maintain Your &%$#* Systems! A Mantra for IT Professionals in the Wake of Equifax

By Amit Yoran Once again, we have a basic failure in cyber hygiene causing a massive data breach. This one affects potentially half of the U.S. population and compromises particularly sensitive personal information that can be used by criminals to wreak havoc on people's bank accounts, credit scores and identities. I'm referring, of course, to the Equifax breach. What I find particularly … [Read more...]

The New Era and Evolution of the Cyber Security Digital Inside Trader

By Joseph Carson The insider threat has been a major risk to all governments and organizations around the world for many years. High profile examples are numerous; Nick Leeson and the collapse of Barings bank, Jeffrey Skilling the former Enron President, to the more recent intelligence leaks from Bradley Manning, Edward Snowden and Reality Winner that disclosed sensitive information that was … [Read more...]

Stories from the Field: Port of New Orleans Streamlines Critical Data Protection

By Yadin Porter de León Organizations that are using legacy data protection models face serious challenges. Legacy systems are inefficient, and IT teams spend hours managing backups, often having to travel between locations to back up or retrieve data. And most legacy systems rely on local infrastructure that's vulnerable to natural disaster, making them less secure than today's cloud-based … [Read more...]

Should I deploy monitoring software on your servers?

By Casper Manes How do you monitor what goes on within your infrastructure? Do you gather logs, use SNMP, query WMI, or do you deploy agents that report in? Source:: GFI TalkTechToMe-All … [Read more...]

Most Companies Worldwide Fail to Measure Cybersecurity Effectiveness and Performance

By Joseph Carson More than half the 400 respondents in a survey from the Thycotic-issued study, “2017 State of Cybersecurity Metrics Report”, scored an F or a D grade after evaluating their organization's efforts to measure their cybersecurity investments and performance against best practices. 58% received an F or D grade Joseph Carson of Thycotic: “It's astonishing to have the results come in … [Read more...]

Stories from the Field: Two Companies Join Forces to Ensure Recovery of Data for Office 365 in the UK

By Yadin Porter de León Phoenix Software, one of the largest Microsoft Office 365 providers in the UK, announced a partnership with ORIIUM and Druva to enable its customers to protect their cloud data. Using ORIIUM's CX:inSync powered by Druva, Phoenix Software's local government, education, health care, and housing association customers will now have access to full data recovery and archiving … [Read more...]

Piriform CCleaner Remote Backdoor

By Tony Huffman CCleaner, a popular application used for performing routine maintenance on systems, was recently found to contain a malicious backdoor. This could allow a remote attacker to extract sensitive data from the host, or execute malicious code on the host. Vulnerability details A malicious modification of the 32-bit CCleaner.exe binary (CCleaner version 5.33.6162 and CCleaner Cloud … [Read more...]

Don’t Let Malware Hit You on the Way Out

By Noa Arias Guest column by Semperis. Author: Noa Arias, Director of Marketing at Semperis When it comes to the threat of data breach, it's well known that current employees can be an organization's weakest link. What about former employees? So many companies have strict new hire processes in place to onboard new employees, but there's still a lot of work left to do when it comes to … [Read more...]

Is DevOps the Best Thing to Ever Happen to Security?

By Nathan Dyer Many of us have heard this story before, and it goes something like this: Developers are focused on one thing and one thing only - speed. They expunge anything that gets in their way or slows them down. And they can, because successful DevOps is becoming a core competitive differentiator for many organizations. Security leaders are focused on one thing and one thing only - risk. … [Read more...]