By Christopher Burgess Attackers essentially broke into the Twitch house and cleaned out everything. Following least-privilege access principles and encrypted datasets will help others avoid that scenario. No company wants to see its crown jewels exposed to the elements, yet this is what happened to the Amazon-owned online streaming platform Twitch on October 6 when 125GB of its data was posted on 4Chan. Twitch, via a Tweet, acknowledged the breach, “We can confirm a breach has taken...

To fully digitize the last mile of business, you need to distribute compute power where it’s needed most — right next to IoT devices that collect data from the real world. As technology extends deeper into every aspect of business, the tip of the spear is often some device at the outer edge of the network, whether a connected industrial controller, a soil moisture sensor, a smartphone, or a security cam. This ballooning internet of...

Each year on January 28, an international initiative known as Data Privacy Day serves to remind us of the importance of data privacy and the protection of personal information. The goal of Data Privacy Day 2021 is to empower consumers to Own Your Privacy and businesses to Respect Privacy. It Takes Two to Protect Data Privacy Protecting the privacy and security of sensitive data is a legal and regulatory responsibility of any business who collects, processes, stores, transmits or otherwise...

Existing and new challenges, from supply chain hacks to 5G rollouts, will continue to test the expanded role of security teams. CISOs faced a number of challenges in 2020, not the least of which was COVID-19 and the mass migration from onsite to remote work. Maybe for the first time, corporate leadership saw just how vital the security team is to ensuring the company runs, and runs smoothly, thus making 2020 the year when the...

It’s finally 2021 and towards the end of 2020 the world experienced one of the largest cyber breaches in history.  A commonly used security software company by the name of Solarwinds was breached. This caused thousands of businesses globally to be affected with potential malware, mimicking our own global cyber pandemic. Trust in security tools is important, but an overreliance on one solution leaves us more vulnerable than ever before. One tool is not going...

From ransomware schemes to supply chain attacks, this year melded classic hacks with extraordinary circumstances WHAT A WAY to kick off a new decade. 2020 showcased all of the digital risks and cybersecurity woes you’ve come to expect in the modern era, but this year was unique in the ways Covid-19 radically and tragically transformed life around the world. The pandemic also created unprecedented conditions in cyberspace, reshaping networks by pushing people to work from home en masse,...

Written by Stu Sjouerman Scamming incidents have increased by 519% in 2020 compared to last year, according to researchers at Baltimore-based ZeroFOX. The researchers compared their own data to a recent report from the Federal Trade Commission, which found that scams on social media have skyrocketed since the start of the pandemic earlier this year. ZeroFOX says their data aligns with the findings in the FTC’s report, and they’ve observed a significant year-over-year increase in...

Written by David Puzas The adoption of the cloud has fundamentally changed the game when it comes to how businesses go to market and develop modern applications. Today’s application lifecycle places a premium on speed to market, requiring cloud teams to build cloud-native applications supported by a programmable infrastructure that enables businesses to change and reconfigure cloud infrastructure on the fly. According to industry analysts, most successful attacks on cloud services are the result of customer...

Insider Risk is defined as  “The risk an insider is any person with authorized access to an organization’s resources to include personnel, facilities, information, equipment, networks, or systems”. A lot of organizations struggle with insider risk because the very nature of the risk comes from those who you trust with your systems and authorizations. From disgruntled employ to espionage, a gamete of actors, factors, and situations can lead to insider risk. An often-overlooked example of...

Cybersecurity compliance isn’t something you can accomplish easily. There are an overwhelming number of acronyms, controls, and laws that leave many scratching their head. Compliance requirements vary and can be imposed by law, non-government regulatory bodies, and even private industry groups. Cybersecurity Compliance involves meeting various “conditionals” or controls to protect the confidentiality, integrity, and access of data. Compliance requirements vary by business type, sector, or industry. They typically involve using an array of specific...