Category: Cyber Defense Magazine

Protect SAP Supply Chains by Preventing Cyber Attacks

Highly advanced and extremely dangerous cyberattacks are targeting SAP (from the company originally called “System Analysis Program” Development) software supply chains with an alarming increase in frequency. By taking advantage… The post Protect SAP Supply Chains by Preventing Cyber Attacks…

Is Platform Engineering a Step Towards Better Governed DevOps?

Since 2010, Puppet’s annual State of DevOps Report has tracked trends in IT, including security and, more recently, the growth of platform engineering. 2024’s edition, which includes the results of a survey… The post Is Platform Engineering a Step Towards Better Governed…

Best Practices for Effective Privileged Access Management (PAM)

Privileged accounts are highly coveted targets for malicious attackers due to the extensive access they provide. According to the 2024 Verizon Data Breach Investigation Report, nearly 40% of data breaches… The post Best Practices for Effective Privileged Access Management (PAM)…

Securing the OT Stage: NIS2, CRA, and IEC62443 Take Center Spotlight

In the dynamic landscape of Operational Technology (OT), robust cybersecurity measures are paramount. As the digital transformation accelerates, protecting critical infrastructure becomes more challenging. Fortunately, three key standards—NIS2, CRA, and… The post Securing the OT Stage: NIS2, CRA, and IEC62443…

The Urgent Need for Data Minimization Standards

A central principle in many data protection laws around the globe is data minimization. But we are currently facing a serious issue: we don’t have legal clarity on what exactly… The post The Urgent Need for Data Minimization Standards appeared…

Is There a DDoS Attack Ceiling?

Today, it’s rare for a month to pass without reports of new distributed denial-of-service (DDoS) attacks. Lately, geopolitical instability and hacktivist groups (e.g., Anonymous Sudan and NoName057(16)) have driven attacks, and these types of attacks… The post Is There a DDoS Attack Ceiling? appeared first…

Innovator Spotlight: Fortra

by Dan K. Anderson CEO, CISO, and vCISO As cyber threats grow more sophisticated and frequent, organizations face immense pressure to simplify their security stacks and improve operational efficiency. According… The post Innovator Spotlight: Fortra appeared first on Cyber Defense…

Protect SAP Supply Chains by Preventing Cyber Attacks

Highly advanced and extremely dangerous cyberattacks are targeting SAP (from the company originally called “System Analysis Program” Development) software supply chains with an alarming increase in frequency. By taking advantage… The post Protect SAP Supply Chains by Preventing Cyber Attacks…

Beyond Encryption: Advancing Data-in-Use Protection

In the ever-evolving landscape of cryptography, traditional encryption methods safeguarding data at rest and in transit remain foundational to cybersecurity strategies. However, the security of decrypted data actively used within… The post Beyond Encryption: Advancing Data-in-Use Protection appeared first on…

Benefits of Network Monitoring Systems

Maintaining a resilient, secure, and efficient network infrastructure is more important than ever. Network monitoring systems, which encompass both hardware and software tools, play a pivotal role in achieving this… The post Benefits of Network Monitoring Systems appeared first on…

Autonomous, Deterministic Security for Mission-Critical IOT Systems

Mission-Critical Iot Systems: Cybersecurity Principles In creating an effective cybersecurity strategy for IoT systems, software architects examine obstacles that limit the security options for their target systems. To deliver a… The post Autonomous, Deterministic Security for Mission-Critical IOT Systems appeared…

The Unsolvable Problem: XZ and Modern Infrastructure

The ongoing prevalence (and rise) of software supply chain attacks is enough to keep any software developer or security analyst up at night. The recent XZ backdoor attack is finally… The post The Unsolvable Problem: XZ and Modern Infrastructure appeared…

A Cloud Reality Check for Federal Agencies

The move to cloud is not slowing down – spending by Federal civilian agencies on cloud computing could reach $8.3 billion in Fiscal Year (FY) 2025. But despite years of guidance (from… The post A Cloud Reality Check for Federal Agencies appeared…

A CISO’s Guide to Managing Risk as the World Embraces AI

As Generative AI becomes more deeply integrated into our digital landscape, organizations face a growing need to manage application, technology, and cybersecurity risks effectively. The rapid evolution of AI technology… The post A CISO’s Guide to Managing Risk as the…

BYTE BY BYTE

In an era where digital transformation is reshaping healthcare, dental practices find themselves caught in a perfect storm of cybersecurity vulnerabilities. As ransomware attacks surge across the healthcare sector, dental… The post BYTE BY BYTE appeared first on Cyber Defense…

The Initial Engagement Process for Contracting with a vCISO

Introduction In today’s fast-paced digital world, organizations face a myriad of cybersecurity challenges that demand expert guidance and strategic oversight. Enter the Virtual Chief Information Security Officer (vCISO), a role… The post The Initial Engagement Process for Contracting with a…

The Evolution of Cloud Strategy: Beyond “Cloud First”

In the rapidly evolving digital landscape, the mantra “Cloud First” is becoming a relic of the past. Today, organizations are recognizing that mere digital transformation does not automatically translate into… The post The Evolution of Cloud Strategy: Beyond “Cloud First”…

Supply Chains Make Insider Threat Defense More Complex

Regular insider threats are bad enough — conventional security tools don’t detect them, they know where it’ll hurt to hit, and management doesn’t suspect them. Unfortunately, insider supply chain threats… The post Supply Chains Make Insider Threat Defense More Complex…

Securing AI Models – Risk and Best Practices

Generative AI (Artificial Intelligence) has turned out to be a game changer after the introduction of ChatGPT, DALL-E, Bard, Gemini, GitHub Copilot etc. in 2022 and 2023 [1]. The majority… The post Securing AI Models – Risk and Best Practices…

Innovator Spotlight: Sumo Logic

The rapid adoption of cloud and digital services is driving exponential data growth, creating fragmented visibility and operational silos across Dev, Sec, and Ops teams. According to the IDC, the… The post Innovator Spotlight: Sumo Logic appeared first on Cyber…

Why Cybersecurity Leaders Trust the MITRE ATT&CK Evaluations

In today’s dynamic threat landscape, security leaders are under constant pressure to make informed choices about which solutions and strategies they employ to protect their organizations. The “MITRE Engenuity ATT&CK Evaluations:… The post Why Cybersecurity Leaders Trust the MITRE ATT&CK Evaluations…

Maintaining File Security While Working Remotely

These days remote workers in home offices using residential WiFi must maintain a similar security posture as a full-on corporation while working with other remote stakeholders, clients, and partners anywhere… The post Maintaining File Security While Working Remotely appeared first…

How Ransomware Jeopardizes Healthcare Organizations

Security challenges in the healthcare sector continue to grow as connected assets and attack surfaces expand. Organizations in any sector face financial ramifications in the aftermath of a successful attack,… The post How Ransomware Jeopardizes Healthcare Organizations appeared first on…

High Performance Software Defined Receivers

Introduction As cybersecurity challenges grow more complex, the tools we use to protect data and communications are also advancing. Among these tools, high-performance software defined receivers (SDRs) with tuning ranges… The post High Performance Software Defined Receivers appeared first on…

Biometrics in the Cyber World

by Victoria Hargrove, Reporter, CDM In today’s society, digital threats are happening at a consistent and concerning rate. Traditional authentication methods no longer stand a chance against preventing these threats…. The post Biometrics in the Cyber World appeared first on…

5 Essential Features of an Effective Malware Sandbox

Malware sandboxes offer a safe and controlled environment to analyze potentially harmful software and URLs. However, not all sandboxes incorporate features that are essential for proper analysis. Let’s look at… The post 5 Essential Features of an Effective Malware Sandbox…

How to maximize cybersecurity ROI

Cost savings and business benefits were quantified in “The Total Economic Impact of Cynet All-in-One Security,” a commissioned study conducted by Forrester Consulting on behalf of Cynet in October 2024…. The post How to maximize cybersecurity ROI appeared first on…

Innovator Spotlight: Push Security

Identity is the new perimeter. Attackers are no longer hacking into your organization—they’re logging in with compromised credentials. Push Security is countering this shift with a browser-based identity security platform… The post Innovator Spotlight: Push Security appeared first on Cyber…

The AT&T Phone Records Stolen

In today’s digital age, the importance of cybersecurity must be re-balanced. With increasing cyberattacks and data breaches, organizations must prioritize protecting their customers’ sensitive information. Unfortunately, AT&T has recently fallen… The post The AT&T Phone Records Stolen appeared first on…

Cyber Threat Intelligence (CTI) for Supply Chain Monitoring

Executive summary Many companies face various risks across their supply chain, which are increasing, especially cyber threats. Studies indicate that nearly all companies have at least one supplier that has… The post Cyber Threat Intelligence (CTI) for Supply Chain Monitoring…

Overcoming Cybersecurity Integration Roadblocks

As a CEO working alongside cybersecurity product companies, I know that integration & the connectors are necessary evil for cyber security products companies. For companies in our industry, seamless, reliable… The post Overcoming Cybersecurity Integration Roadblocks appeared first on Cyber…

Spotlight on Dashlane

Dashlane is the leading enterprise credential manager that secures access and proactively protects against breaches. In an era where painfully simple password spraying and phishing attacks are still the primary… The post Spotlight on Dashlane appeared first on Cyber Defense…

Spotlight on Onyxia

Onyxia’s Cybersecurity Management Platform delivers predictive insights and data intelligence that allow CISOs to gain a complete view of their cybersecurity program performance, achieve organizational compliance, increase security stack efficiency,… The post Spotlight on Onyxia appeared first on Cyber Defense…

Innovator Spotlight: Cloud Range

by Dan K. Anderson CEO, CISO, and vCISO The cybersecurity landscape is rapidly evolving, and so are the tactics of adversaries. According to IBM, the average cost of a data… The post Innovator Spotlight: Cloud Range appeared first on Cyber…

How a CISO Should Brief the Board of Directors

It’s often assumed that if the board knew exactly what they wanted to hear from the CISO, they would simply communicate it. Unfortunately, that’s not always the case. This leaves… The post How a CISO Should Brief the Board of…

How Has Video Analytics Enhanced Security and Efficiency?

In recent years, video analytics has significantly transformed the interpretation and utilization of visual data. Through advanced algorithms and artificial intelligence methods, video analytics can perform tasks such as object… The post How Has Video Analytics Enhanced Security and Efficiency?…

The Imperative of Penetration Testing AI Systems

In the modern era of technological advancement, artificial intelligence (AI) is revolutionizing business operations, presenting unparalleled opportunities for efficiency and innovation. However, as AI systems become integral to our business… The post The Imperative of Penetration Testing AI Systems appeared…

Innovator Spotlight: Legit Security

by Dan K. Anderson CEO, CISO, and vCISO With the rise of software supply chain attacks, organizations are under increasing pressure to secure their software development pipelines. According to a… The post Innovator Spotlight: Legit Security appeared first on Cyber…

Securing E-commerce

E-commerce is poised to account for over 20% of global purchases by 2024. This surge is fueled by a confluence of factors: the expansion of online product offerings, consumer pursuit of discounts,… The post Securing E-commerce appeared first on Cyber Defense Magazine.…

Securing E-commerce

E-commerce is poised to account for over 20% of global purchases by 2024. This surge is fueled by a confluence of factors: the expansion of online product offerings, consumer pursuit of discounts,… The post Securing E-commerce appeared first on Cyber Defense Magazine.…

Team-Based Training and the Power of Simulation

In the constantly evolving realm of cybersecurity, it is critical for incident responders to be prepared and effective. As cyber threats grow more complex, the training approaches for these defenders… The post Team-Based Training and the Power of Simulation appeared…

Innovator Spotlight: Interpres Security

In the current cybersecurity landscape, the focus has shifted from merely managing vulnerabilities to strategically orchestrating defenses against targeted threats. Organizations are increasingly struggling to optimize their security posture amidst… The post Innovator Spotlight: Interpres Security appeared first on Cyber…

Innovator Spotlight: Concentric

Data security is more critical than ever as organizations manage vast amounts of sensitive information across cloud and on-premises environments. According to a 2023 report by Varonis, over 53% of… The post Innovator Spotlight: Concentric appeared first on Cyber Defense…

Innovator Spotlight: Keepnet Labs

Keepnet specializes in addressing human factors of security through innovative security awareness training and phishing simulation tools. This article highlights the significant findings of their 2024 Vishing (Voice Phishing) Response… The post Innovator Spotlight: Keepnet Labs appeared first on Cyber…

Zero-Trust Endpoint Security

Zero-Trust Endpoint Security: How a Preventive Approach Can Limit Your Endpoint Attack Surface Endpoint security has become more critical than ever in today’s rapidly evolving threat landscape. As enterprises become… The post Zero-Trust Endpoint Security appeared first on Cyber Defense…