News

  • CIS Risk Assessment Method (RAM) v2.1 for CIS Controls v8

    CIS recently released the CIS Risk Assessment Method (RAM) v2.1, a risk assessment method designed to help enterprises justify investments for implementing the CIS Critical Security Controls (CIS Controls). This version supersedes CIS RAM v2.0, which was first released in October 2021. CIS RAM helps enterprises define their acceptable level of risk, and then manage…


  • How to Protect Your Social Media Accounts

    Social media is part of our social fabric. So much so that nearly 50% of the global population are social media users to some degree or other. With all that sharing, conversing, and information passing between family and friends, social media can be a distinct digital extension of ourselves—making it important to know how you…


  • McAfee Wins Product of the Year for Best Online Protection

    You can feel even more confident that you’ll enjoy life online with us at your side. AV-Comparatives has awarded McAfee as its 2021 Product of the Year. McAfee makes staying safe simple, and now this endorsement by an independent lab says we protect you best. Over the course of 2021, AV-Comparatives subjected 17 different online…


  • UK Government to Launch PR Campaign Undermining End-to-End Encryption

    Rolling Stone is reporting that the UK government has hired the M&C Saatchi advertising agency to launch an anti-encryption advertising campaign. Presumably they’ll lean heavily on the “think of the children!” rhetoric we’re seeing in this current wave of the crypto wars. The technical eavesdropping mechanisms have shifted to client-side scanning, which won’t actually help…


  • When It comes to Cybersecurity – An ounce of prevention

    Benjamin Franklin advised fire-threatened Philadelphians in 1736 that, “An ounce of prevention is worth a pound of cure. Clearly, preventing fires is better than fighting them……” So, to what extent are we able to protect ourselves from Cybersecurity events? With the alphabet soup of acronyms out there such as NIST, ISO, SOC, CISA, DevSecOps, etc………


  • Three recent events prove the need for an insider risk playbook

    Every company, regardless of size, should have an insider risk management playbook in place to address the insider threat. The human factor is always in play, mistakes will happen that inadvertently place the company at risk. The other side of the human factor are the malevolent individuals who opt to break trust and willingly push…


  • Collective resilience: Why CISOs are embracing a new culture of openness

    Security exec Chad Kliewer had heard the initial reports of the SolarWinds attack as news about it broke in December 2020, sympathetic to those companies first named as victims of the hack.

  • An Examination of the Bug Bounty Marketplace

    Here’s a fascinating report: “Bounty Everything: Hackers and the Making of the Global Bug Marketplace.” From a summary: …researchers Ryan Ellis and Yuan Stevens provide a window into the working lives of hackers who participate in “bug bounty” programs — programs that hire hackers to discover and report bugs or other vulnerabilities in their systems.…

  • The emotional stages of a data breach: How to deal with panic, anger, and guilt

    It usually happens on a Friday afternoon, at around 4 or 5 p.m. Admins and security experts receive a message telling them that something weird might be happening, and the quiet afternoon turns into chaos.

  • A bad day in the office for the REvil ransomware gang, as Russia arrests 14 members

    While data-wiping malware is hitting the PCs of multiple Ukrainian organisations, Russia has taken the surprising step of arresting 14 members of the REvil ransomware gang.