Tag: security strategy
Step 3: Investigate the State of IoT Usage within Your Organization Never believe what you’ve been told or your own assumptions. You need to find out for yourself what IoT devices are already in use within your environment. It’s dangerously naïve to assume there aren’t any in place already. Just like standard IT security risk…
Read MoreThe National Cyber Security Centre (NCSC) was formed in 2016 to help protect the UK’s critical services from cyber attacks and help providers of those services manage major cyber incidents. NCSC has repeatedly warned that a major attack on critical national infrastructure is a matter of when, not if. Despite this, a recent cyber security…
Read MoreComputer geeks love their acronyms. Here’s one more: TANSTAAFL. There ain’t no such thing as a free lunch. No, I’m not talking about the grilled Alaskan salmon meal you got while playing on your phone instead of listening to the vendor pitch. I mean that if we want better security, someone has to pay for…
Read MoreThe discovery of a significant container-based (runc) exploit sent shudders across the Internet. Exploitation of CVE-2019-5736 can be achieved with “minimal user interaction” it subsequently allows attackers to gain root-level code execution on the host. Scary, to be sure. Scarier, however, is that the minimal user interaction was made easier by failure to follow a…
Read MoreA vast majority of organisations have no visibility into encrypted traffic, nor do they have protection against automated attackers. In Mary Meeker’s most recent Internet Trends report, the numbers show that in the first quarter of 2019, 87 per cent of global web traffic was encrypted, up from 53 per cent just three years ago.…
Read MoreThe way we build, provision, maintain and secure apps continues to evolve. As agile development practices put pressure on operations, organizations move to DevOps where both functions are synchronized. This in turn puts pressure on the app security organization, and so we see more companies today adopting a DevSecOps model. At the same time, the…
Read MoreApplications have become the infrastructure of the internet. They are in everything from phones to thermostats, cars to power grids. And for every digital transformation enabled by apps, the application itself is a primary target, along with the business logic it supports and all its underlying data. For one thing, an app isn’t just an…
Read More