Does the NSA have a duty to disclose zero-day exploits?

By Michelle Drolet . 26 Sep 2016

The NSA should disclose all zero-day exploits. But it doesn’t.   To say the National Security Agency (NSA) prefers to lay low and shuns the limelight is an understatement. One joke said about the secretive group, widely regarded as the most skilled state-sponsored hackers in the world, is NSA actually stands for “No Such Agency.” … Continue reading Does the NSA have a duty to disclose zero-day exploits?

Cybersecurity is only as strong as your weakest link—your employees

By Michelle Drolet . 28 Jul 2016

Stay on top of account management and assess staff security skills with CIS Controls 16 and 17   You can have the most secure system in the world, but hackers will always seek out the path of least resistance. When your defenses are good, the weak link is often your employees. Data breaches are most … Continue reading Cybersecurity is only as strong as your weakest link—your employees

LinkedIn Data Breach Still Causing Problems

By Michelle Drolet . 21 Jun 2016

Failing to take basic security precautions with website passwords puts your data at risk   Do you remember back in 2012 when LinkedIn was hacked? Around 6.5 million user passwords were posted on a Russian blog. There was a mandatory password reset for affected users, and LinkedIn released a statement advising people to enable two-step … Continue reading LinkedIn Data Breach Still Causing Problems

8 Tips to Secure Those IoT Devices

By Michelle Drolet . 20 Jun 2016

Make sure the Internet of Things isn’t a route for hackers to get into your home or workplace   As more and more Internet-connected devices find their way into our homes and businesses, it’s important to remember that they represent a security risk. The Internet of Things (IoT) is growing rapidly, and in the rush … Continue reading 8 Tips to Secure Those IoT Devices

5 InfoSec concerns for colleges and universities

By Michelle Drolet . 14 Jun 2016

Higher education institutions are a prime target for cybercriminals, and IT needs resources to prevent attacks and provide a proper level of security   No industry or sector is immune to data breaches, but some are targeted more often than others. Education came ahead of government, retail and financial sectors, and it was second only … Continue reading 5 InfoSec concerns for colleges and universities

3 Ways to Protect Data and Control Access to It

By Michelle Drolet . 23 May 2016

Your company’s data is its crown jewels, and you must protect it all times. CIS Controls 13, 14 and 15 will help you.   Earlier we delved into disaster recovery and network security. Now it’s time to take a look at Critical Security Controls 13, 14 and 15, which cover data protection and access control. The … Continue reading 3 Ways to Protect Data and Control Access to It

7 Potential Security Concerns for Wearables

By Michelle Drolet . 28 Apr 2016

Is your organization safe from all these connected devices? Wearables are rapidly invading the workplace in much the same way that smartphones did. Fitness trackers, smartwatches, head-mounted displays and other new form factors are beginning to capture the public imagination. Sales of wearable electronic devices topped 232 million in 2015, and Gartner forecasts they’ll rise … Continue reading 7 Potential Security Concerns for Wearables

Bugs for cash: Bounty hunters in the new wild west of security

By Michelle Drolet . 20 Apr 2016

How security researchers and programmers hunt software bugs for cash rewards   The business of bug hunting is a potentially lucrative one for both seasoned security researchers and amateurs with an interest in hacking. It’s an area that’s gaining legitimacy thanks to official bug bounty programs and hacking contests, but there’s still a seedy underbelly … Continue reading Bugs for cash: Bounty hunters in the new wild west of security

DROWN attack sinks security for millions of websites

By Michelle Drolet . 8 Mar 2016

Security researchers reveal new technique to break TLS using SSLv2 server. The war to close down security vulnerabilities is never-ending, but the new “DROWN” vulnerability is one of the biggest to rear its ugly head in recent months. A group of security researchers from a number of different universities and research institutes just unveiled this … Continue reading DROWN attack sinks security for millions of websites

Ransomware is only getting worse. How do you prepare for it?

By Michelle Drolet . 4 Feb 2016

Ransomware-as-a-service, help desks, third parties — all point to a mature yet illegal enterprise undergoing serious growth. Here are tips to protect yourself and your company.   Ransomware is big business. Over the last few years we’ve observed the steady rise of ransomware, with some trepidation. It is fast becoming a multi-billion dollar business, and … Continue reading Ransomware is only getting worse. How do you prepare for it?

Tags