For IT Pros Only

Lets be clear: this is for IT people. Not because IT people are better looking and drive cooler cars than the general populace (which is true: most IT departments look like extras from the set of The Fast and Furious), but because unless you're familiar with things like the dark blackness that grips your soul when you discover that two NICs have the same MAC address on your network - you probably aren't going to appreciate this at all.

Get Your Cards Now
Data Security
Threat Modeling

Threat Modeling: 6 Mistakes You’re Probably Making

Threat modeling is the new normal for modern cybersecurity teams. Predicting threats and testing all possible permutations of those threats and vulnerabilities is a difficult job. Companies spend hundreds of work hours to develop a comprehensive security strategy and the appropriate threat modeling to test, verify, and enhance the strategy over time. We will discuss mistakes security teams make while creating their threat models, along with strategies on how to use threat modeling as a…
C-Level

CEO vs. CSO Data Security Mindsets, Part I

If you want to gain real insight into the disconnect between IT and the C-levels, then take a closer look at the Cyentia Institute’s Cyber Balance Sheet Report, 2017. Cyentia was founded by the IOS blog’s favorite data breach thinker and statistician, Wade Baker. Based on surveying over 80 corporate board members and IT executives, Cyentia broke down the differing data security viewpoints between CSOs and the board (including CEOs) into six different areas. The…
Data Security

5 Ways to Protect Active Directory with Varonis

The fastest way to break into someone’s network is through Active Directory (AD) – it’s the key to the entire kingdom. If you need access to any server, you need to ask AD for permission. Varonis monitors Active Directory to protect you from a myriad of cybersecurity threats. By combining knowledge of AD, file server activity, and perimeter telemetry, Varonis can detect threats in AD before they become full-blown data breaches. Technical note: Active Directory…
Data Security
CryptoLocker

CryptoLocker: Everything You Need to Know

What is CryptoLocker? CryptoLocker is by now a well known piece of malware that can be especially damaging for any data-driven organization. Once the code has been executed, it encrypts files on desktops and network shares and “holds them for ransom”, prompting any user that tries to open the file to pay a fee to decrypt them. For this reason, CryptoLocker and its variants have come to be known as “ransomware.” Malware like CryptoLocker can…
Data Security
computer hacker

8 Events That Changed Cybersecurity Forever

“Those who cannot remember the past are condemned to repeat it.” – George Santayana The first computer virus was created in the early 1970s and was detected on ARPANET, the predecessor to the internet. In 1988 the first computer worm was distributed, gaining mass mainstream media attention. A quarter of a century later and viruses have evolved to become a pandemic. Viruses have proliferated quickly and malware has become more complex. Cyber attacks happen daily…
Data Security

A Guide on the Data Lifecycle: Identifying Where Your Data is Vulnerable

Data is a company’s most valuable asset. To maintain data’s value, it’s vital to identify where that data is vulnerable. According to data and ethics expert Dr. Gemma Galdon Clavell, there are five major moments where data is most vulnerable: collection, storage, sharing, analysis, and deletion. These vulnerability points increase the risk of a data breach – and we’ve all heard about the costs of having one. Many of these vulnerability points are part of…
Data Security
cerber ransomware

Cerber Ransomware: What You Need to Know

What is Cerber? Cerber ransomware is ransomware-as-a-service (RaaS), which means that the attacker licenses Cerber ransomware over the internet and splits the ransom with the developer. For a 40% cut of the ransom, you can sign-up as a Cerber affiliate and deliver all the Cerber ransomware you want. Most ransomware doesn’t use this service paradigm. Typically, an attacker would adapt and deliver the ransomware and keep all of the money. By setting up Cerber as…
Data Security, Varonis News

Varonis DatAlert and IBM QRadar

Varonis now integrates with the IBM QRadar Security Intelligence Platform, with the Varonis App for QRadar. The Varonis App for QRadar adds context and security analytics to simplify investigations, streamline threat detection, and build more context around security alerts and incidents. How It Works You can view Varonis alerts directly in IBM QRadar – and can drill down and investigate alerts in the Varonis Web UI for additional insight, accelerating security investigations. We correlate Varonis alerts with events collected…
Data Security, Varonis News

Varonis DataPrivilege and RSA® Identity Governance and Lifecycle

We’re thrilled to announce interoperability between Varonis DataPrivilege and RSA® Identity Governance and Lifecycle, with a new Implementation Blueprint.  This Implementation Blueprint will help the business to quickly detect security and compliance access risks and amend access entitlement issues associated with unstructured data. How it Works The Varonis Data Security Platform helps prepare enterprise data for RSA Identity Governance and Lifecycle by finding data owners, correcting inconsistent permissions, removing global security groups, and simplifying and…
Data Security
Incident Response 6-Step Plan

What is Incident Response? A 6-Step Plan

“We don’t rise to the level of our expectations, we fall to the level of our training.” – Archilochus Incident Response is the art of cleanup and recovery when you discover a cybersecurity breach. You might also see these breaches referred to as IT incidents, security incidents, or computer incidents – but whatever you call them, you need a plan and a team dedicated to managing the incident and minimizing the damage and cost of…
Data Security
DDoS Attack

What is a Distributed Denial of Service (DDoS) Attack?

A Distributed Denial of Service (DDoS) attack is an attempt to crush a web server or online system by overwhelming it with data. DDoS attacks can be simple mischief, revenge, or hactivism, and can range from a minor annoyance to long-term downtime resulting in loss of business. Hackers hit GitHub with a DDoS attack of 1.35 terrabytes of data per second in February of 2018. That’s a massive attack, and it’s doubtful that it will…
Data Security
Coworkers bumping their fists

The Top Skills of Fortune 100 CISOs

The role of CISO is constantly expanding and evolving with the growing awareness of cyber attacks. As cyber attacks increase in density and sophistication, organizations are beginning to look at security as a business priority and the role of CISO has become more critical. Companies need to look beyond basic technical expertise and the necessary leadership skills and instead look for someone who can also understand their organization’s operations and can express IT security priorities…