This is a tale of what should be, but never seems to be, a strong lesson learned. Every October, our industry “floods the zone” with best practices to promote National Cybersecurity Awareness Month (NCSAM). While noble in concept – setting aside an entire month to reflect and otherwise share deep thoughts about what is and…
Virtualization has long been perceived as the holy grail of business agility, simplified management, return on investment, and even security. While the benefits of virtual desktop infrastructure (VDI) are undeniable, the security aspect is, unfortunately, a myth. The security aspect of VDI is not only misunderstood, it is also often perceived as a drag on…
Identity sprawl – too many usernames and too many passwords – has never been as big a concern as it is today: More devices are being brought into the enterprise, more people are working remotely and using their own devices, and more users continue to access on-premises and cloud data stores. An enterprise issue since…
In 2017, millions of moviegoers flocked to theaters for the eighth Fast and Furious movie, where they watched a villainous Charlize Theron take control of hundreds of self-driving cars. Whether they knew it or not, this was many viewers’ first exposure to the idea of a transportation-based cyberattack. And while this specific scenario is not…
Today, most companies know cybersecurity diligence is an essential part of doing business. Yet, it may still be a bit of a surprise how extensively cybersecurity has evolved to become an elemental business component that grows revenue and opens doors for market expansion. From contracts and financing to mergers and acquisitions, an organization’s information security…
Looking at the rapidly evolving role of CISOs and their teams, many organizations have yet to optimize their approach to cybersecurity to a place where it’s not just a preventative business function but assumes a wider role in business success, be that customer acquisition, retention or any number of other critical factors. It’s an approach…
The North American Electric Reliability Corporation (NERC) recently posted a document confirming a cyber event that occurred on a western U.S. electrical grid in spring 2019, marking the first cyberattack on an American grid and, more importantly, striking a chord among operators. The case, which is ironically labeled a “lesson” by NERC, is a glaring…
Cloud infrastructure is the foundation of more companies than ever. As with any foundation, any crack can lead to significant damage to the infrastructure. One potential crack is a trusted identity with unnecessary and excessive privileges. A “trusted identity” is invariably associated with people — employees, contractors or other insiders. But identity in the cloud…
APIs are a strategic necessity to give your business the agility, innovation and speed needed to succeed in today’s business environment. However, the financial incentive associated with this agility is often tempered with the fear of undue exposure of the valuable information that these APIs expose. With the rise of APIs also comes the potential…
Recently, Andrew Smith, Director of the FTC’s Bureau of Consumer Protection stated that one of its priorities would be to “combat bad practices in the lead generation market.” 33 Antitrust ABA 75, 76 (Spring 2019). Smith suggested the FTC was concerned about the entire ecosystem’s bad practices. He echoed his remarks during Comply 2019, an…
