Stephen Lawton SC Media | Page 4 of 6
Stephen Lawton

Stephen Lawton

Most recent articles by Stephen Lawton

Cyber threat intelligence

Cyber threat intelligence

In today’s environment, potential attackers have all the time they need to mount a sustained intrusion against a target company or government agency. While companies need to understand past attacks so they don’t happen again, it is crucial to look forward and protect data against future breaches. And, one way to achieve this is to put a greater emphasis on embedding security directly into enterprise data to stop outsider attacks, and to make data that is compromised unreadable and unusable. A number of other strategies are explored as well in this latest ebook from SC Magazine.

Vulnerability management: Identifying network vulnerabilities

Vulnerability management: Identifying network vulnerabilities

Web applications are a major cause of network breaches, and new attacks are continually occurring just out of view. While a two-factor authentication approach can reduce vulnerabilities, this system alone will not eliminate the problem. Identifying network vulnerabilities requires adding multiple combinations of factors to guard against the possibility of credentials being stolen or misused.

Advanced persistent threat

Advanced persistent threat

In the old days, a cyberthief would play a numbers game, sending out millions of emails with a compromised link, for example, with the hope that one percent of recipients would respond. Nowadays, in an advanced persistent threat (APT) attack – such as recent, high-profile incursions Stuxnet and Operation Shady RAT – the perpetrator spends a considerable amount of time researching a specific target, often customizing malware so that its signature cannot be identified by any existing anti-virus or anti-malware software. Too, these attackers have significant resources, both financially and technologically, and motivation that might not have anything to do with pure financial gain. The good news: there are resources available for companies to combat APTs.

Next post in Security News