HackDig : Dig high-quality web security articles

Cybersecurity Policy – time to think outside the box?

When we get into cybersecurity, one of the first things any organisation or company should do is write a cybersecurity policy, one that is owned by all. Easy words to put down on paper, but what do they mean?So, what is a cybersecurity policy? Well, it is defined in the Gartner IT Glossary as, “an organization’s statement of intent, principles and appro
Publish At:2022-07-21 01:06 | Read:445500 | Comments:0 | Tags:Featured Articles Security Controls cybersecurity policy pol

NERC CIP Audits: Top 8 Dos and Don’ts

My time at NERC had me involved with quite a few projects over my seven-year career there. I was involved with CIP compliance audits, investigations, auditor training, and many advisory sessions. Typically, I was advising entities across North America on different tactics, techniques, and insight from best practices I have seen. I wanted to share a few of th
Publish At:2022-06-07 06:11 | Read:588544 | Comments:0 | Tags:Featured Articles NERC CIP Regulatory Compliance audits comp

Lessons Learned by 2022 Cyberattacks: X-Force Threat Intelligence Report

Every year, the IBM Security X-Force team of cybersecurity experts mines billions of data points to reveal today’s most urgent security statistics and trends. This year’s X-Force Threat Intelligence Index 2022 digs into attack types, infection vectors, top threat actors, malware trends and industry-specific insights.  This year, a new indus
Publish At:2022-05-26 10:29 | Read:218271 | Comments:0 | Tags:Application Security Data Protection Energy & Utility Incide

To Governance and Beyond: Cybersecurity as a Journey

How often have you heard someone say “Cybersecurity is complicated!”?If you’re a practitioner in the cybersecurity industry you’ll have heard these words often, probably along with “…and it’s really boring too!”Complex, not complicatedLet’s start with the first statement.In truth, cybersecurity is a complex top
Publish At:2022-03-17 02:07 | Read:321369 | Comments:0 | Tags:Featured Articles Security Controls compliance controls Gove

Building Cyber Resilience in a heightened alert environment

There has been a lot of talk about cyber weapons and the cyber dimension of global politics after the NotPetya and WannaCry attacks of 2017 and the Stuxnet worm, first discovered in 2010, when it was used to attack the control mechanisms of Iran’s uranium enriching centrifuges.Professor Ciaran Martin CB, former CEO of the UK National Cyber Security Centre (N
Publish At:2022-03-10 02:07 | Read:263565 | Comments:0 | Tags:Cyber Security CISA Cyber Attacks cyber resilience NCSC risk

Cybersecurity and Drones: How to Address the Security Threats

The Unmanned Aerial Systems (UAS) industry has become a massive technological playground worldwide. Their extensive applications make UAS very popular for the public and the private sector. Armed forces, agricultural industry, law enforcement, meteorological agencies, medical services, environmental companies, and oil refineries are but a few out of the exce
Publish At:2022-01-31 02:06 | Read:770618 | Comments:0 | Tags:IT Security and Data Protection cybersecurity Drones risk Se

ISO27001:2022 – A New Way of Working

It has been a long time coming! The upgrade to the international standard for information security management systems, ISO27001:2013, is here (almost).Hallelujah!If you’re reading this article, then there’s a reasonable assumption that you know what ISO27001 is and you’re not going to be too worried about the back story. But let’s all
Publish At:2022-01-25 02:06 | Read:210981 | Comments:0 | Tags:Security Controls compliance Governance GRC ISO 27001 risk s

Digital Transformation: Balancing Speed, Security and Innovation

Today, digital transformation (DX) is happening in every industry. Organizations operating in sectors that typically eschew technology are moving to the cloud, leveraging IoT and using analytics. Digital transformation plays a critical role for any company to stay competitive and resilient. But what does digital transformation look like for most companies,
Publish At:2022-01-13 10:07 | Read:605343 | Comments:0 | Tags:Application Security Cloud Security Data Protection Incident

Small Business Cybersecurity: What to Fix, What to Manage and What to Outsource

The risk posture of small and medium-sized businesses has changed a lot over the last few years. Bluntly: small businesses inherited a series of digital risks. Many of these risks, such as supply chain and cloud-related risks, can wound and devastate a small business. Meanwhile, the enterprise, armed with more resources, could sustain the shock. When, and h
Publish At:2022-01-10 14:02 | Read:555141 | Comments:0 | Tags:Data Protection Incident Response Risk Management Security S

Changing the Conversation with Risk Quantification

“Quantitative risk analysis is the single most effective way to align security with business priorities and establish credibility with teams.” — U.S.-based CISO As organizations continue to leverage the latest technologies and move toward even greater interconnectivity in the pursuit of growth, business strategy and cybersecurity continue
Publish At:2021-12-28 14:02 | Read:241385 | Comments:0 | Tags:CISO Risk Management Security Services Chief Information Sec

7 Holiday Cybersecurity Tips to Try Before The Year Ends

The holiday rush is upon us, and so is the risk of cyberattack. Threat actors often get to work during the holidays. IT staff is heading out for vacation, and everyone is in a hurry. This means we might skimp on security. Still, there are some holiday cybersecurity tips that will help make the season go smoothly.    End of Year and Christmas
Publish At:2021-12-06 14:02 | Read:476706 | Comments:0 | Tags:Data Protection Fraud Protection Identity & Access Incident

IoT Security: Are Personal Devices Dragging Your Work Network Down?

How many connected devices have you added to your household since March 2020? Be sure to count fitness trackers, speakers, gaming machines and even your Tesla, if there’s one in your driveway. Were you one of the many people who waited months for a Peloton? Don’t overlook your new bike. Now add in all your voice-based assistants, such as Google
Publish At:2021-11-23 10:05 | Read:273164 | Comments:0 | Tags:Data Protection Endpoint Identity & Access Incident Response

Recommendations for Fulfilling the Potentials of Cyber Insurance

Cyber insurance has great potentials in improving cybersecurity practices and protecting organizations against the impact of security incidents, but these potentials “have yet to fully materialize.” This is the key highlight of a recent report developed by the Royal United Services Institute for Defence and Security Studies (RUSI) and the University of Kent
Publish At:2021-11-12 02:04 | Read:525949 | Comments:0 | Tags:IT Security and Data Protection breaches Cyber Insurance dat

What You Need to Know About Data Security Heading into 2022

Every business needs an effective data security strategy. Over the past year alone, 64% of companies worldwide faced some form of cyber attack, with an average cost of $4.24 million per breach — the highest ever recorded.  Modern enterprises must ensure that their systems can resist unauthorized access, stop data breaches and remain secure (while
Publish At:2021-10-07 17:15 | Read:381301 | Comments:0 | Tags:Data Protection Risk Management Security Services Data Secur

Vulnerability Scanning vs. Penetration Testing

It amazes me how many people confuse the importance of vulnerability scanning with penetration testing. Vulnerability scanning cannot replace the importance of penetration testing, and penetration testing, on its own, cannot secure the entire network. Both are important at their respective levels, needed in cyber risk analysis, and are required by standards
Publish At:2021-07-07 10:05 | Read:235855 | Comments:0 | Tags:Featured Articles Vulnerability Management penetration testi

Announce

Share high-quality web security related articles with you:)
Tell me why you support me <3

Tag Cloud