HackDig : Dig high-quality web security articles

What You Need to Know About Data Security Heading into 2022

Every business needs an effective data security strategy. Over the past year alone, 64% of companies worldwide faced some form of cyber attack, with an average cost of $4.24 million per breach — the highest ever recorded. Modern enterprises must ensure that their systems can resist unauthorized access, stop data breaches and remain secure (while
Publish At:2021-10-07 17:15 | Read:449 | Comments:0 | Tags:Data Protection Risk Management Security Services Data Secur

How One Application Test Uncovered an Unexpected Opening in an Enterprise Call Tool

Working as security consultants is highly rewarding. Companies depend on us to view their environment from the perspective of an attacker and find vulnerabilities that could enable threats to succeed. One of the most impactful parts of our role is when we’re the first to find a major vulnerability that could lead to a widespread compromise beyond just
Publish At:2021-06-22 17:39 | Read:545 | Comments:0 | Tags:Software Vulnerabilities Application Security Security Servi

Critical Business Operations Are At Risk, and Companies Are Not Making This a Priority

Many companies around the world with industrial operations environments, commonly referred to as operational technology (OT) environments, do not invest the same resources to protect OT systems as they do to secure their corporate enterprise environments. Yet, these same companies are investing significantly to transform these environments with modern techn
Publish At:2021-06-08 09:15 | Read:600 | Comments:0 | Tags:Risk Management Security Services operational technology Acc

Driving the Desire for FAIR: What Is Your ‘Why’ for Security Risk Quantification?

One of the first questions I ask when working with an organization is “Why are you interested in making FAIR (Factor Analysis of Information Risk) a part of your standard risk management practice?” The answer is different for every client, and that truly highlights the value of risk quantification. We can apply risk quantification to a number of
Publish At:2021-06-07 13:45 | Read:576 | Comments:0 | Tags:CISO Risk Management Intelligence & Analytics Security Servi

Using FAIR and NIST CSF for Security Risk Management

Risk management and risk assessments go hand in hand, and most organizations have completed a security assessment based on maturity models at some point in their existence. However, more companies are realizing the need to complement maturity models with a risk-based approach for assessing their cybersecurity positions. One such risk-based approach is based
Publish At:2021-05-18 20:01 | Read:722 | Comments:0 | Tags:CISO Risk Management Security Services NIST National Institu

How to Reduce Zero Trust Frustration By Capturing Context

Zero trust remains one of the best ways for companies to reduce total risk. By knowing the potential risk of any request — both inside and outside the enterprise network — rather than assuming good intentions, companies can limit potential attacks. Deploying a zero trust framework at scale, however, may cause frustration. It increases operationa
Publish At:2021-05-14 18:06 | Read:840 | Comments:0 | Tags:Data Protection Risk Management Security Services Phishing R

Taking the Risk Out of Mergers and Acquisitions

In the post-COVID-19 economy, cyber risk and cybersecurity will play a central role in unlocking mergers and acquisitions (M&A) deal valuations. While economic uncertainty has contributed to a decline in M&A activity in the first half of 2020, many analysts expect an increase in deals during 2020-21 based on several conditions. The Mergers and Acqui
Publish At:2020-09-30 12:45 | Read:1238 | Comments:0 | Tags:Banking & Financial Services CISO Risk Management Security S

Video Conferencing Security Tips You May Have Overlooked

Video conferencing applications grew substantially following the outbreak of the coronavirus (COVID-19) global pandemic. According to Research and Markets article “Video Conferencing Demand Rises due to Social-Distancing,” video conferencing software experienced 62 million downloads in March 2020. This increase in use resulted from businesses ado
Publish At:2020-07-08 10:58 | Read:1875 | Comments:0 | Tags:Data Protection Risk Management Software & App Vulnerabiliti

Three Approaches to Cybersecurity Planning for Post-Pandemic Cloud Adoption

The global pandemic has been dictating how the whole world is reforming, businesses included. Different forums and analyst reports are increasingly calling out the future of businesses as they are moving their workloads to the cloud gradually. IDC “expects 2021 to be the year of multi-cloud” as the global COVID-19 pandemic reinforces the need for business to
Publish At:2020-06-24 11:06 | Read:1867 | Comments:0 | Tags:Cloud Security Risk Management Cloud Adoption Cybersecurity

ENISA released a Tool to map dependencies to International Standards

The European Agency for Cybersecurity ENISA has released a tool for the mapping of international security standards to interdependencies’ indicators that have been introduced and demonstrated in the report Good practices on interdependencies bet
Publish At:2020-04-06 17:16 | Read:2506 | Comments:0 | Tags:Breaking News Security ENISA information security news it se

Inadvertent Insider Threats Present a Unique Challenge to Organizations

According to the recent X-Force Threat Intelligence Index 2020, more than 8.5 billion records were exposed due to breaches in 2019, of which 86 percent were due to misconfigured assets. These issues affected only half of the records breached in 2018, and as the 2017 report stated, 70 percent of the 2.9 billion records lost that year were due to misconfigurat
Publish At:2020-03-13 11:46 | Read:2551 | Comments:0 | Tags:CISO Cloud Security Cloud Cloud Services Cloud Services Prov

Safeguarding Healthcare for the Future With Zero Trust Security

In 2019, we saw a record number of information security breaches. According to the IBM X-Force Threat Intelligence Index 2020, a total of 8.5 billion records were compromised — three times the number from 2018. The healthcare industry saw its fair share of attacks and was the 10th-most targeted industry, accounting for 3 percent of all attacks last year. Th
Publish At:2020-03-11 08:47 | Read:2752 | Comments:0 | Tags:Healthcare Identity & Access Access Management Advanced Pers

To Be or Not to Be: BCSI in the Cloud?

With regard to BCSI (BES (Bulk Electric System) Cyber System Information) in the cloud, responsible entity sentiments at the moment may be akin to Prince Hamlet as he contemplated death and suicide, “bemoaning the pain and unfairness of life but acknowledging that the alternative might be worse.” As currently written and subject to enforcement, components of
Publish At:2020-03-08 23:43 | Read:3547 | Comments:0 | Tags:Cloud BCSI Risk Assessment

Measuring Security Risk in a Medical IoT World

The medical internet of things (IoT) is no longer a futuristic concept. It is here today, and it includes devices you may have never considered a part of the patient care ecosystem, such as elevators, beds, exit signs and clocks. Between those operational technologies and the devices the U.S. Food and Drug Administration (FDA) has already deemed critical, th
Publish At:2020-03-04 09:51 | Read:2481 | Comments:0 | Tags:Endpoint Healthcare Risk Management Security Services IoT Co

A Guide to Easy and Effective Threat Modeling

Threat modeling is a process by which potential threats can be identified, enumerated and prioritized, all from a hypothetical attacker’s point of view. The purpose of threat modeling is to provide defenders with a systematic analysis of the probable attacker’s profile, the most likely attack vectors and the assets most desired by an attacker. Ef
Publish At:2020-02-27 09:41 | Read:2631 | Comments:0 | Tags:Application Security Security Intelligence & Analytics Appli
