DROWN attack sinks security for millions of websites

By Michelle Drolet . 8 Mar 2016

Security researchers reveal new technique to break TLS using SSLv2 server. The war to close down security vulnerabilities is never-ending, but the new “DROWN” vulnerability is one of the biggest to rear its ugly head in recent months. A group of security researchers from a number of different universities and research institutes just unveiled this … Continue reading DROWN attack sinks security for millions of websites

Create a data recovery plan and secure your network

By Michelle Drolet . 22 Feb 2016

Following the Center for Internet Security’s best practices.   We discussed building malware defenses the last time out, but today we’re going to focus on Critical Security Controls 10, 11, and 12 covering data recovery, secure network configuration, and boundary defense. It’s unrealistic to think that you can completely avoid cyberattacks and data breaches, so … Continue reading Create a data recovery plan and secure your network

10 Things I Know About…Hiring a vCISO

By Michelle Drolet . 15 Feb 2016

10. A hedge against a breach A virtual chief information security officer can serve as security consul or as an interim CISO to fill the gaps during a planned information-technology security policy review. Better to be safe than sorry.   9. High talent at low costs As a temp hire, a vCISO offers flexibility and … Continue reading 10 Things I Know About…Hiring a vCISO

5 cybersecurity trends to watch for in 2016

By Michelle Drolet . 4 Feb 2016

As threats evolve and grow more sophisticated, securing IT systems is more important than ever.   We may welcome in the New Year with open arms, but we must also prepare for the cybersecurity threats ahead of us. The 2015 Cost of Data Breach Study from IBM and the Ponemon Institute put the average cost … Continue reading 5 cybersecurity trends to watch for in 2016

Ransomware is only getting worse. How do you prepare for it?

By Michelle Drolet . 4 Feb 2016

Ransomware-as-a-service, help desks, third parties — all point to a mature yet illegal enterprise undergoing serious growth. Here are tips to protect yourself and your company.   Ransomware is big business. Over the last few years we’ve observed the steady rise of ransomware, with some trepidation. It is fast becoming a multi-billion dollar business, and … Continue reading Ransomware is only getting worse. How do you prepare for it?

5 Information Security Trends for 2016

By Michelle Drolet . 20 Jan 2016

Online security trends continue to evolve. This year, online extortion will become more prevalent. We also expect that at least one consumer-grade IoT smart device failure will be lethal.  Ransomware will make further inroads, since the majority go unreported. China will drive mobile malware growth to 20M, and cybercrime legislation will take a significant step … Continue reading 5 Information Security Trends for 2016

10 Things I Know About Business Security

By Michelle Drolet . 19 Jan 2016

10. Everything is connected. As the Internet of Things adds more and more devices to our networks, it creates more doors and windows for cyber criminals. Keep them locked. 9. Ransomware is on the rise. If you don’t want to end up paying to access your own data, then make sure that you protect it … Continue reading 10 Things I Know About Business Security

The challenges of third-party risk management

By Michelle Drolet . 17 Nov 2015

Vendors and other third parties should be treated with the same level of intense scrutiny as your own in-house risk compliance mandates.   How seriously is your company treating the risk of a data breach? Have you done due diligence on all of your vendors and third-party partners? Cyberattacks can have a devastating impact in … Continue reading The challenges of third-party risk management

How CSC can help build your InfoSec framework

By Michelle Drolet . 28 Oct 2015

Critical Security Controls is a set of best practices devised by the Center for Internet Security, a nonprofit dedicated to improving cybersecurity in the public and private sectors.   Cyberattacks are costing businesses between $400 billion and $500 billion per year, depending on which analysts you listen to. Cybersecurity has never been a hotter topic. … Continue reading How CSC can help build your InfoSec framework

5 myths about data encryption

By Michelle Drolet . 24 Sep 2015

Encryption has a bad rap and far too often protection schemes are deployed foolishly without encryption in hopes of protecting data.   t’s a heartache, nothing but a heartache. Hits you when it’s too late, hits you when you’re down. It’s a fools’ game, nothing but a fool’s game. Standing in the cold rain, feeling … Continue reading 5 myths about data encryption

Tags