Perspectives news, articles & updates| SC Media

Perspectives

Policy compliance: one size does not fit all

How do we get our brains around the arcane topic of policy compliance? Security pros define compliance as adhering to established rules and regulations, codes of conduct, laws, or organizational standards of conduct. For the cybersecurity industry, this means following guidelines established to protect the security and privacy of an organization’s information system or enterprise.…

Navigating through the mind of a 2020 hacker

When someone gets notified that they have been impacted by a data breach, many people picture a hooded figure in a dark basement with lines of code streaming across a computer screen. Contrary to popular belief, cyberattacks are rarely carried out by a sophisticated cyber-assassin looking to destroy a business. Most of the time they…

Three ways cloud security posture management helps security teams

It comes as no surprise to enterprises when an otherwise productive employee unknowingly opens the organization to risk or even causes a breach. The knee-jerk culpability typically gets attributed to the cloud provider, yet Gartner warns that through 2025, at least 99 percent of cloud security failures are the cutomer’s fault.   Gartner’s statement implies…

Five tips for controlling insider threats during the work-from-home era

The internet was rocked by a very public breach on Twitter during July in which dozens of celebrity accounts were compromised. The hacked accounts announced all at once that they’d double “donations” made to their personal bitcoin account, which in reality was a cryptocurrency scheme. As more details emerged, we learned that the cybercriminals behind…

Maximize zero trust security by expanding beyond basic principles

The pandemic has fundamentally changed how security teams think about protecting the business, in many cases accelerating digital transformation projects and placing renewed emphasis on the Zero Trust model for information security. As security teams implement Zero Trust, it’s important to consider access management and control. In doing so, this reflects a larger shift in…

12 checklist items for defeating Magecart attacks

Magecart groups have made many successful attacks on high-profile companies over the past two years. In a Magecart attack, attackers covertly inject credit card skimming code into the checkout pages of e-commerce websites to exfiltrate data on thousands of customers. While some might only remember Magecart from the 2018 British Airways breach, one of these…

How to Prevent Recruiting Scams During the Pandemic

During the ongoing pandemic, we’re not just facing unprecedented health challenges, we’re now forced to deal with those who view this situation as an opportunity to carry out fraud and scams against susceptible people and organizations. These scams often aim to collect personally identifiable information and steal money from the victims. Malicious actors take advantage…

Collaboration tools make work-from-home easier, but they can cause costly breaches

The COVID-19 crisis has transformed how and where we work. And that has profound implications for data security. When shelter-in-place orders started last March, IT organizations did heroic work expanding their VPN capabilities, distributing secure endpoint devices, and accelerating adoption of collaboration platforms such as Zoom, Microsoft Teams, Google Meet, and Slack. Stanford researchers have…

Combat data breaches by using training and technology

Corporate data breaches are a big deal, and as data grows more valuable and regulations become stricter, it’s increasingly important to have the right mechanisms in place to prevent them. IBM’s 2020 Cost of a Data Breach report found that the average cost of a breach in the U.S. was more than $8 million. Even…

Next post in Perspectives