Cybersecurity Executive Insight, opinions and analysis l SC Media

Executive Insight

7 Critical Security Steps to Protect You From an Office 365 Compromise

In August 2018, security researchers announced that cybercriminals were successfully bypassing Office 365’s Advanced Threat Protection via a new evolution of phishing – inserting malware links into SharePoint documents. Analysts at the cloud security firm Avanan discovered this vulnerability – reporting that SharePoint invitations containing malicious links were being sent from Microsoft to some users.…

Transient devices require strict control measures as regulatory compliance requirements grow

TThe proliferation of BYOD and portable media devices is increasing the cybercrime attack surface exponentially. TechAdvisory.org reports that 25 percent of malware is spread today through USB devices alone. Transient cyber assets  — or devices not connected to the network all the time (which includes USB devices) — are proving to be an acute vulnerability…

The Digital Unraveling: Vigilantes, Rogue Competitors, Big Break Ups, and Broken Trust

By 2021, the world will be significantly digitized and connected. Competing in the digital marketplace will become increasingly difficult, as businesses develop new strategies which challenge existing regulatory frameworks and social norms, enabling threats to grow in speed and precision. Vulnerabilities in software and applications will be frequently disclosed online with ever-decreasing time to fix…

Automation and the existential opportunity

A lot of people are scared automation will eliminate their jobs. That’s going to be true in some industries, but ours is not one of them. Cybersecurity professionals who are accustomed to dealing with existential threats need to flip their mindsets and think of automation as an existential opportunity. There are millions of unfilled jobs…

Going stealth: Bad guys embrace the power of branding

By Stu Sjouwerman Since the very dawn of organized phishing attacks, the bad guys have recognized the power of exploiting trusted brands and online services. Our original experience with phishing was defined by spoofed emails purporting to hail from popular banks. Their objective was simple: trick users into coughing up their online banking credentials with…

Introducing state privacy legislation amidst national privacy law discussions

Several states recently presented and passed data privacy legislation introducing individual consumer rights as well as data breach notification rules which in some ways reflect the protections afforded by Europe’s General Data Protection Regulation (GDPR). Like their European counterparts, U.S states such as California, Hawaii, and Washington have passed or proposed laws that are designed…

AppSec attack and defense: The password domino effect

The discourse around application security makes for a complex discussion. Experts seldom reach agreement in defining the best strategy in the face of the myriad of threats that individuals and organizations face. That said, one truth is held unanimously: There is no “silver bullet.” In other words, no security solution can compensate for the inherent…

Cybersecurity threats and unified communications

Given that businesses and customers are constantly working to become more connected and digital-first, there is a paramount need for them to protect their cyber assets and personal information as a result. Analysts estimate that by 2020, 60 percent of all enterprises will be the victims of a major cybersecurity breach. As reported by Cybersecurity…

The state of endpoint health in 2019

The endpoint has quickly become valuable real estate for security tools and controls, as traditional network perimeters have given way to cloud-based models in support of the digital workforce. By 2020, global IT security spend is expected to reach $128 billion with 24 percent of it allocated to endpoint security tools. In fact, organizations today use an average of 80 security…

Next post in Executive Insight