Tips

Tips

• Why DevOps security must be on infosecs' priority list

  In the rush to implement DevOps, security is too often overlooked. But DevSecOps is essential in these hack-filled days. Learn how to add security to software development.  Continue Reading

• What to do when cybersecurity breaches seem inevitable

  The current threat landscape makes cybersecurity breaches seem unavoidable. Expert Peter Sullivan discusses some simple ways enterprises can reduce the risk of a breach.  Continue Reading

• Cryptography attacks: The ABCs of ciphertext exploits

  Encryption is used to protect data from peeping eyes, making cryptographic systems an attractive target for attackers. Here are 18 types of cryptography attacks to watch out for.  Continue Reading

• The difference between security assessments and security audits

  Security audits vs. security assessments solve different needs. Organizations may use security audits to check their security stature while security assessments might be the better tool to use. Expert Ernie Hayden explains the differences.  Continue Reading

• Destruction of service: How ransomware attacks have changed

  New ransomware variants have introduced another threat to enterprises. Rob Shapland explains what destruction of service attacks are and how organizations should prepare for them.  Continue Reading

• Common web application login security weaknesses and how to fix them

  Flawed web application login security can leave an enterprise vulnerable to attacks. Expert Kevin Beaver reviews the most common mistakes and how to fix them.  Continue Reading

• Security teams must embrace DevOps practices or get left behind

  DevOps practices can help improve enterprise security. Frank Kim of the SANS Institute explains how infosec teams can embrace them.  Continue Reading

• Applying a hacker mindset to application security

  It can be beneficial to think like a black hat. Expert Kevin Beaver explains why enterprise security teams should apply a hacker mindset to their work and how it can help.  Continue Reading

• Are biometric authentication methods and systems the answer?

  Biometric authentication methods, like voice, fingerprint and facial recognition systems, may be the best replacement for passwords in user identity and access management.  Continue Reading

• Why data fidelity is crucial for enterprise cybersecurity

  Cybersecurity teams can't be effective if they don't trust their data. Expert Char Sample explains the importance of data fidelity and the threat of cognitive hacking.  Continue Reading

• What you need to know about setting up a SOC

  Setting up a SOC is different for every enterprise, but there are some fundamental steps with which to start. Expert Steven Weil outlines the basics for a security operations center.  Continue Reading

• SHA-1 collision: How the attack completely breaks the hash function

  Google and CWI researchers have successfully developed a SHA-1 attack where two pieces of data create the same hash value -- or collide. Expert Michael Cobb explains how this attack works.  Continue Reading

• IPv6 addresses: Security recommendations for usage

  IPv6 addresses can be used in a number of ways that can strengthen information security. Expert Fernando Gont explains the basics of IPv6 address usage for enterprises.  Continue Reading

• Applying cybersecurity readiness to today's enterprises

  How prepared is your organization for a cyberattack? Expert Peter Sullivan outlines the seven steps enterprises need to take in order to achieve cybersecurity readiness.  Continue Reading

• Tools to transfer large files: How to find and buy the best

  Need to transfer files within headquarters or between branches? Managed file transfer tools now offer some interesting new features.  Continue Reading

• Why security incident management is paramount for enterprises

  Enterprises aren't truly prepared for cyber threats unless they have proper security incident management in place. Expert Peter Sullivan explains what enterprises need to know.  Continue Reading

• How to detect preinstalled malware in custom servers

  Preinstalled malware was reportedly found by Apple in its custom servers. Expert Nick Lewis explains how enterprises can protect themselves from encountering similar issues.  Continue Reading

• Tactics for security threat analysis tools and better protection

  Threat analysis tools need to be in top form to counter a deluge of deadly security issues. Here are tips for getting the most from your analytics tool.  Continue Reading

• How WannaCry malware affects enterprises' ICS networks

  WannaCry malware has been plaguing organizations across the world. Expert Ernie Hayden explains how this ransomware threatens ICS networks and their security.  Continue Reading

• Incorporating static source code analysis into security testing

  Static source code analysis, along with dynamic analysis and pen testing, can help strengthen your application security. Expert Kevin Beaver goes over the features to look out for.  Continue Reading

• IT security governance fosters a culture of shared responsibility

  Effective information security governance programs require a partnership between executive leadership and IT. All parties work toward a common goal of protecting the enterprise.  Continue Reading

• How the use of invalid certificates undermines cybersecurity

  Symantec and other trusted CAs were found using bad certificates, which can create huge risk for internet users. Expert Michael Cobb explains how these incidents can be prevented.  Continue Reading

• Information privacy and security requires a balancing act

  Maintaining information privacy and security seem to be separate challenges, but in reality, each is integral to the other. Expert Kevin Beaver explains how to work toward both.  Continue Reading

• IPv6 update: A look at the security and privacy improvements

  The recent IPv6 update from the IETF introduces new security and privacy recommendations. Expert Fernando Gont explains these changes and what they mean for organizations.  Continue Reading

• To secure Office 365, take advantage of controls Microsoft offers

  Securing Office 365 properly requires addressing upfront any specific risks of a particular environment and taking advantage of the many security controls Microsoft offers.  Continue Reading

• Office 365 security features: As good as it gets?

  Online and application security is never perfect, but Office 365 security features come close. Here's an overview of how Microsoft installed security in its popular suite.  Continue Reading

• Address Office 365 security concerns while enjoying its benefits

  Office 365 security concerns should worry you but not dampen your enthusiasm for the platform's potential benefits for your business. Here's what you need to consider upfront.  Continue Reading

• Guide to vendor-specific IT security certifications

  The abundance of vendor-specific information technology security certifications can overwhelm any infosec professional. Expert Ed Tittel helps navigate the crowded field.  Continue Reading

• How mobile application assessments can boost enterprise security

  Mobile application assessments can help enterprises decide which apps to allow, improving security. Christopher Crowley of the SANS Institute discusses how to use app assessments.  Continue Reading

• How SSH key management and security can be improved

  The widespread use of SSH keys is posing security risks for enterprises due to poor tracking and management. Expert Michael Cobb explains how some best practices can regain control over SSH.  Continue Reading

• Cognitive hacking: Understanding the threat of bad data

  Bad data can create more than just 'fake news.' Expert Char Sample explains how cognitive hacking and weaponized information can undermine enterprise security.  Continue Reading

• What the end of hot patching mobile apps means for enterprise security

  Apple now restricts mobile app developers from using hot patching, as the technique can change app behavior after it is reviewed. Expert Kevin Beaver goes over enterprise concerns.  Continue Reading

• Why WPA2-PSK can be a security risk even with an uncracked key

  WPA2-PSK is a popular way to bolster wireless security, but it's not perfect. Expert Joseph Granneman explains WPA2 and other aspects of the complicated history of Wi-Fi security.  Continue Reading

• Applying the new FDA medical device guidance to infosec programs

  New FDA medical device guidance demonstrates the need for better cybersecurity during manufacturing and use. Expert Nick Lewis explains how enterprises can use the recommendations.  Continue Reading

• How to identify and address overlooked web security vulnerabilities

  Certain web security vulnerabilities evade detection due to oversight or carelessness. Expert Kevin Beaver discusses the top overlooked issues and how to address them.  Continue Reading

• ISAOs: The benefits of sharing security information

  ISAOs are a good way for organizations to share information about security threats. Expert Steven Weil explains what these organizations are and their attributes.  Continue Reading

• Improving the cybersecurity workforce with full spectrum development

  Eric Patterson, executive director of the SANS Technology Institute, explains why it's time to rethink educational development to strengthen the cybersecurity workforce.  Continue Reading

• Preparing enterprise systems for the scriptless Linux exploit

  The scriptless Linux exploit deviates from usual methods that security tools recognize as attacks. Expert Nick Lewis explains how the exploit works and how to prevent it.  Continue Reading

• Incorporating user behavior analytics into enterprise security programs

  User behavior analytics can be used for a number of different objectives within an enterprise. Expert Ajay Kumar examines some of the most important features and capabilities.  Continue Reading

• Dedicated security teams: The pros and cons of splitting focus areas

  Could using dedicated security teams that focus on one area of risk help reduce the attack surface for enterprises? Expert Steven Weil looks at the pros and cons of that approach.  Continue Reading

• Totally automatic: Improve DevOps and security in three key steps

  Concerned about DevOps security? Learn three key steps to embedding security into the software development process, including how to improve automation.  Continue Reading

• User behavior analytics: Building a business case for enterprises

  User behavior analytics can be beneficial to enterprises, but there are complexities involved. Expert Ajay Kumar explains what companies should know about this new technology.  Continue Reading

• 1024-bit encryption keys: How 'trapdoored' primes have caused insecurity

  Encryption algorithms using 1024-bit keys are no longer secure, due to the emergence of 'trapdoored' primes. Expert Michael Cobb explains how the encryption backdoor works.  Continue Reading

• DLP systems: Spotting weaknesses and improving management

  DLP systems are becoming a necessity, but their weaknesses need to be tightened to ensure enterprise asset security. Expert Kevin Beaver explains what areas to focus on.  Continue Reading

• Android VPN apps: How to address privacy and security issues

  New research on Android VPN apps revealed the extent of their privacy and security flaws. Expert Kevin Beaver explains how IT professionals can mitigate the risks.  Continue Reading

• Enterprise SSO: The promise and the challenges ahead

  It was inevitable that enterprise SSO would encounter the cloud. Learn how to adjust your company's approach to single sign-on so it keeps working well.  Continue Reading

• Is encryption one of the required HIPAA implementation specifications?

  When it comes to encryption, the HIPAA implementation specifications are complicated. Expert Joseph Granneman explains whether it's required or addressable.  Continue Reading

• How a single ICMPv6 packet can cause a denial-of-service attack

  Expert Fernando Gont explains how Internet Control Message Protocol version 6 can be used by threat actors to stage a simple, yet effective, denial-of-service attack.  Continue Reading

• IoT development and implementation: Managing enterprise security

  The CSA's guidelines for secure IoT development can give enterprises an idea of how to evaluate IoT products. Expert Nick Lewis explains the steps enterprises should take.  Continue Reading

• Why authorization management is paramount for cybersecurity readiness

  After enterprise identities are authenticated, an authorization management system should monitor how resources are being used. Expert Peter Sullivan explains how it can work.  Continue Reading

• What to consider about signatureless malware detection

  Endpoint security is changing into signatureless malware detection and protection. Expert Matthew Pascucci discusses the transition away from signatures.  Continue Reading

• Intrusion response plans: Tales from front-line IT support

  The right intrusion response training can make all the difference in data breach prevention. Expert Joe Granneman provides a real-world example from which enterprises can learn.  Continue Reading

• How to use DNS reverse mapping to scan IPv6 addresses

  Enterprises looking to perform IPv6 address scans can use DNS reverse mapping techniques. In part one of this tip, expert Fernando Gont explains how the process works.  Continue Reading

• What global threat intelligence can and can't do for security programs

  Global threat intelligence is a valuable complement to a company's security program, but it can't replace security measures like training and internally collected data.  Continue Reading

• How to organize an enterprise cybersecurity team effectively

  The structure of an enterprise's cybersecurity team is important for ensuring it's as effective as possible. Expert Steven Weil outlines strategies for setting up a security group.  Continue Reading

• How Windows hardening techniques can improve Windows 10

  Windows 10 may be the most secure Windows ever, but expert Ed Tittel explains how to use Windows hardening techniques to make systems even more secure.  Continue Reading

• Preventing DoS attacks: The best ways to defend the enterprise

  Preventing DoS attacks may not always be possible, but with a strong defense, enterprises can reduce their impact and recover quickly. Expert Kevin Beaver explains the best approaches.  Continue Reading

• When not to renew a vendor contract due to security issues

  Opting out of a vendor contract for security reasons can be a tough decision for CISOs. Expert Mike O. Villegas discusses how NASA handled the situation and what CISOs can do.  Continue Reading

• Monitoring outbound traffic on your network: What to look for

  Outbound network traffic remains a weakness for many enterprises and is a major attack vector. Expert Kevin Beaver explains how to spot irregular occurrences in your network.  Continue Reading

• Big data frameworks: Making their use in enterprises more secure

  Many enterprises apply big data techniques to their security systems. But are these methods secure? Expert John Burke explains some of the efforts to secure big data analysis.  Continue Reading

• Managing vulnerable software: Using data to mitigate the biggest risks

  Three pieces of vulnerable software are most targeted by the exploit kits studied in a Digital Shadows report. Expert Nick Lewis explains how your enterprise can manage them.  Continue Reading

• How to maintain digital privacy in an evolving world

  Protecting a user's digital privacy across different technologies requires a plethora of tools. Expert Matthew Pascucci explores the different ways to protect sensitive data.  Continue Reading

• The dangers of using security policy templates in the enterprise

  Among other drawbacks, using security policy templates can make compliance audits and breach assessments harder for enterprises. Expert Joseph Granneman explains why they're risky.  Continue Reading

• FIDO authentication standard could signal the passing of passwords

  The FIDO authentication standard could eventually bypass passwords, or at least augment them, as government and industry turns to more effective authentication technologies.  Continue Reading

• SWIFT network communications: How can bank security be improved?

  The SWIFT network has increasingly been abused by cybercriminals to carry out bank fraud and theft. Expert Michael Cobb explains possible ways to boost security.  Continue Reading

• VM isolation technique considerations for enterprises

  VM isolation techniques are good strategies to prevent infections from spreading to the entire cloud environment. Ed Moyle explains what enterprises need to know about isolation.  Continue Reading

• Information security risk management: Understanding the components

  An enterprise has to know what risks it is facing. Expert Peter Sullivan explains why an information security risk management plan is crucial for cybersecurity readiness.  Continue Reading

• Cloud DDoS protection: What enterprises need to know

  DDoS attacks are a continuing problem, and enterprises should consider using cloud DDoS protection services. Expert Frank Siemons discusses the cloud options.  Continue Reading

• Preventing privilege creep: How to keep access and roles aligned

  Privilege creep can result in the abuse of user access and security incidents. Expert Michael Cobb explains how enterprises can keep user roles and privileges aligned.  Continue Reading

• Insider security threats: What CISOs can do to mitigate them

  Dealing with insider security threats requires a combination of tactics. Expert Mike O. Villegas discusses the various aspects of insider threat mitigation strategies.  Continue Reading

• Planning for an IPv6 attack: DDoS, neighbor discovery threats and more

  An IPv6 DDoS attacks are imminent, and your network security tools may not be configured for it. Expert Michael Cobb explains how enterprises can prepare its defenses.  Continue Reading

• Achieving cybersecurity readiness: What enterprises should know

  Enterprises need to be ready to act in the face of security incidents and cyberattacks. Expert Peter Sullivan outlines seven elements of proper cybersecurity readiness.  Continue Reading

• How infosec professionals can improve their careers through writing

  Writing can be one of the best ways to establish your reputation as an infosec professional. Expert Joshua Wright of the SANS Institute explains the best ways to do it.  Continue Reading

• Best practices for an information security assessment

  Information security assessments can be effective for identifying and fixing issues in your enterprise's policies. Expert Kevin Beaver explains the key components of the process.  Continue Reading

• How tabletop exercises can help uncover hidden security risks

  A regular tabletop exercise could help to identify security risks in scenarios relevant to your organization. Expert Bob Wood explains the steps in the process.  Continue Reading

• How CMMI models compare and map to the COBIT framework

  Following ISACA's recent acquisition of the CMMI Institute, expert Judith Myerson takes a closer look at COBIT and CMMI models and how they compare to one another.  Continue Reading

• Why signature-based detection isn't enough for enterprises

  Signature-based detection and machine learning algorithms identify malicious code and threats. Expert Michael Cobb explains how both techniques defend networks and endpoints.  Continue Reading

• How encryption legislation could affect enterprises

  The legal battle between the FBI and Apple brought encryption legislation into the public eye, for better or worse. Expert Mike Chapple discusses the effect of this on enterprises.  Continue Reading

• Breaking down the DROWN attack and SSLv2 vulnerability

  A DROWN attack can occur through more than a third of all HTTPS connections. Expert Michael Cobb explains how DROWN enables man-in-the-middle attacks and mitigation steps to take.  Continue Reading

• RSA Conference 2016 draws big crowds, strong encryption

  RSA Conference 2016 was a densely-packed affair, with discussions ranging from strong encryption to skills shortage in the industry. Expert Nick Lewis gives a recap.  Continue Reading

• How to protect an origin IP address from attackers

  Cloud security providers protect enterprises from DDoS attacks, but attackers can still find the origin IP addresses. Expert Rob Shapland explains why that's a significant threat.  Continue Reading

• What enterprises need to know about Internet traffic blocking

  Traffic blocking by Internet carriers has stirred up some controversy in the security industry. Expert Kevin Beaver discusses the pros and cons of blocking network traffic.  Continue Reading

• Cybersecurity products: When is it time to change them?

  Enterprises should assess their cybersecurity products to make sure they're as effective as possible. Expert Mike O. Villegas discusses how to evaluate cybersecurity tools.  Continue Reading

• Breaking down the risks of VM escapes

  The Xen hypervisor flaw highlighted the risks of VM escapes, but expert Ed Moyle explains why the flaw should serve as a warning for virtual containers as well.  Continue Reading

• Microsoft Device Guard tackles Windows 10 malware

  A new Microsoft security feature takes aim at Windows 10 malware. Expert Michael Cobb explains what enterprises should know about Device Guard.  Continue Reading

• Why relying on network perimeter security alone is a failure

  A network perimeter security strategy alone can no longer protect enterprises. Expert Paul Henry explains why organizations must adapt.  Continue Reading

• Life after the Safe Harbor agreement: How to stay compliant

  Now that the Safe Harbor agreement is invalid, U.S. and EU organizations need to find new ways to securely handle data so they can stay in business.  Continue Reading

• How to manage system logs using the ELK stack tool

  Centrally managing system logs is an important practice for enterprise security. Expert Dejan Lukan explains how to set up cloud servers, such as ELK stack, for this purpose.  Continue Reading

• Secure Hash Algorithm-3: How SHA-3 is a next-gen security tool

  Expert Michael Cobb details the changes in SHA-3, including how it differs from its predecessors and the additional security it offers, and what steps enterprises should take.  Continue Reading

• Is a security cloud service your best endpoint defense?

  Cloud technologies often have a bad reputation when it comes to security, but that may be unfair. Is the cloud the best answer for securing the endpoints in your enterprise?  Continue Reading

• The malware lifecycle: Knowing when to analyze threats

  Not responding to low-level threats can be perilous, yet enterprises can't always examine each issue. Expert Nick Lewis explains when an investigation is imperative.  Continue Reading

• Getting to the bottom of the software vulnerability disclosure debate

  The vulnerability disclosure debate rages on: Enterprises should know they are at risk, but vendors need time to patch flaws. Which side should prevail? Expert Michael Cobb discusses.  Continue Reading

• How to perform a forensic acquisition of a virtual machine disk

  Virtualization expert Paul Henry provides a step-by-step guide to imaging a virtual machine disk (*flat.vmdk) in a forensically sound manner.  Continue Reading

• Improve corporate data protection with foresight, action

  Better corporate data protection demands foresight and concrete action. Learn why breach training, monitoring and early detection capabilities can minimize damage when hackers attack.  Continue Reading

• Managed security service providers: Weighing the pros and cons

  Using a managed security service provider can be an appealing option to enterprises, but there are many factors to consider before making the move to outsourcing.  Continue Reading

• PCI DSS 3.1 marks the end of SSL/early TLS encryption for retailers

  The early arrival of PCI DSS 3.1 could leave organizations scrambling. The biggest change to the standard -- and the top priority for organizations -- is the end of SSL and early TLS.  Continue Reading

• Certificate authorities are limited but new TLS versions can help

  SSL/TLS, long the cornerstone of Web security, has become a security vulnerability due to problems with certificate authorities. Learn what solutions the industry is pursuing.  Continue Reading

• From SSL and early TLS to TLS 1.2: Creating a PCI DSS 3.1 migration plan

  PCI DSS 3.1 requires enterprises to deplete SSL and early TLS use by June 30, 2016. Expert Michael Cobb offers advice for putting a migration plan to TLS 1.2 in place.  Continue Reading

• A new trend in cybersecurity regulations could mean tougher compliance

  State cybersecurity regulations may mean compliance will get more complicated, and that has experts worried. Learn what's causing this trend and what organizations should prepare for.  Continue Reading

• State of the Network study: How security tasks are dominating IT staff

  The majority of networking teams are regularly involved in enterprise security tasks. Expert Kevin Beaver explains the phenomena and how to embrace it.  Continue Reading