Cybersecurity Executive Insight, opinions and analysis l SC Media

Executive Insight

Zero trust: Trust no one, verify everything

Tried-and-true security solutions like URL filtering, anti-phishing software, firewalls, and other detection and signature-based solutions are able to mitigate most cybersecurity attacks. But they operate on the erroneous assumption that anyone and anything already inside of an organization network perimeter is safe and can be trusted. This line of thinking has long been proven incorrect,…

Automation and the existential opportunity

A lot of people are scared automation will eliminate their jobs. That’s going to be true in some industries, but ours is not one of them. Cybersecurity professionals who are accustomed to dealing with existential threats need to flip their mindsets and think of automation as an existential opportunity. There are millions of unfilled jobs…

Winning the cybercrime arms race with AI

The arms race between cybercriminals and cybersecurity professionals continues to escalate. And anyone watching the trajectory of this perpetual game of one-upmanship can see that this is a race towards implementing AI in the service of each side’s goals. For instance, a report by Nokia revealed that AI-powered botnets look for vulnerabilities in Android devices,…

7 Critical Security Steps to Protect You From an Office 365 Compromise

In August 2018, security researchers announced that cybercriminals were successfully bypassing Office 365’s Advanced Threat Protection via a new evolution of phishing – inserting malware links into SharePoint documents. Analysts at the cloud security firm Avanan discovered this vulnerability – reporting that SharePoint invitations containing malicious links were being sent from Microsoft to some users.…

Transient devices require strict control measures as regulatory compliance requirements grow

TThe proliferation of BYOD and portable media devices is increasing the cybercrime attack surface exponentially. TechAdvisory.org reports that 25 percent of malware is spread today through USB devices alone. Transient cyber assets  — or devices not connected to the network all the time (which includes USB devices) — are proving to be an acute vulnerability…

The Digital Unraveling: Vigilantes, Rogue Competitors, Big Break Ups, and Broken Trust

By 2021, the world will be significantly digitized and connected. Competing in the digital marketplace will become increasingly difficult, as businesses develop new strategies which challenge existing regulatory frameworks and social norms, enabling threats to grow in speed and precision. Vulnerabilities in software and applications will be frequently disclosed online with ever-decreasing time to fix…

Automation and the existential opportunity

A lot of people are scared automation will eliminate their jobs. That’s going to be true in some industries, but ours is not one of them. Cybersecurity professionals who are accustomed to dealing with existential threats need to flip their mindsets and think of automation as an existential opportunity. There are millions of unfilled jobs…

Going stealth: Bad guys embrace the power of branding

By Stu Sjouwerman Since the very dawn of organized phishing attacks, the bad guys have recognized the power of exploiting trusted brands and online services. Our original experience with phishing was defined by spoofed emails purporting to hail from popular banks. Their objective was simple: trick users into coughing up their online banking credentials with…

Introducing state privacy legislation amidst national privacy law discussions

Several states recently presented and passed data privacy legislation introducing individual consumer rights as well as data breach notification rules which in some ways reflect the protections afforded by Europe’s General Data Protection Regulation (GDPR). Like their European counterparts, U.S states such as California, Hawaii, and Washington have passed or proposed laws that are designed…

Next post in Executive Insight