Personal email systems and file synchronization and sharing tools like Dropbox and Gmail have become prevalent, but have inherent risks in the business world. The Compliance-as-a-Service vendor Sokasa provides a self-service turnkey encryption and compliance solution to ensure files are encrypted wherever they're placed.
According to the 2013 Verizon Data Breach Investigations Report, in organizations investigated for breaches, email was the initial attack vector 67% of the time. Malware-laden files are often sent as attachments, and unsuspecting victims open them and unleash the evil to their internal networks. Now one company claims it has a solution that will sanitize those files and neutralize the attack before it can do harm.
The market is saturated with security technologies designed to prevent bad stuff from happening, and we also have a lot of solutions to detect if something improper is happening or has happened. The next wave of security automation is coming, and that’s the area of incident response. Precisely what should you do if a security incident has happened?
Are you feeling a little restless in your career? Could it be time for something new? This is a great time to consider a new career as a cybersecurity professional. Experts in cybersecurity are among the most sought-after professionals in the tech sector, with demand for workers in that field outpacing other IT jobs by a wide margin.
Many enterprises want to use cloud services for file storage and sharing but are hesitant because the cloud provider may be able to access the content. AlephCloud has a service that encrypts files at their creation source.
Responsible network managers need to acknowledge that attacks leading to data breaches do happen and plan accordingly. By focusing on the fundamentals of best practices, they can control the breach and limit the amount of damage.
How do you know if you can trust a cloud service provider with your enterprise data? Skyhigh Networks, in conjunction with the Cloud Security Alliance, has developed a CloudTrust program that measures and evaluates more than 50 attributes that determine a trust rating.
Firewalls are often the first security mechanism that is installed on any network. For industrial control networks in municipal water systems, nuclear power plants and other critical infrastructure, firewalls simply aren’t good enough to keep attack payloads away. Industrial plants need unidirectional gateways to provide the ultimate security for critical control systems.
As companies move more of their applications to the cloud, they need a new enforcement point to protect data. Skyfence Networks offers a security gateway that monitors user activity for all cloud applications and prevents unauthorized access by malicious insiders and criminals using stolen credentials.
Many enterprises are still hesitant to officially embrace BYOD because of security concerns for data and applications. A new entrant in the mobile security market offers a fairly comprehensive array of security features. Marble Security focuses on protecting corporate assets by blocking risky behaviors and ensuring a secure network connection.
School districts across the country are looking for ways to stretch their meager funding. An identity and access management system can help the IT budget go the distance by reducing the man-hours needed to create and manage student and teacher accounts and through precision purchasing of only the materials needed for online learning.
If your company hasn’t updated its network access control (NAC) solution in a few years, resolve to look at the next generation of products now on the market. Current products are designed to make enabling BYOD (bring your own device) a whole lot easier.
WAN optimization has traditionally been a costly, hardware-heavy solution. Because of the cost and complexities of deployment, it has mostly been a solution for large companies with big budgets. Aryaka offers WAN Optimization as a Service, so now any size company with remote locations can benefit from accelerated access to enterprise or even cloud-hosted SaaS applications.
The fictional characters in the show NCIS are a whiz when it comes to using forensics to find digital evidence. In the real world, very few law enforcement officials have those skills, but that’s changing as more officers go through training at the National Computer Forensics Institute.
Want to have some fun while working on your network security skills? SANS Institute has opened its 10th annual Holiday Hacking Challenge. It’s a fun way to test your knowledge and learn a few new tricks while competing for awesome prizes.
Many small- to midsize businesses have woeful cybersecurity plans—if they have a plan at all. Cybersecurity is a complex issue but there are many simple steps that businesses can take to protect themselves. The Greater Houston Partnership has developed a thorough (but free) guide to help SMBs improve their security posture.
CISOs’ number one concern about allowing BYOD is the security of enterprise data. A close second is the security of the enterprise network that can be compromised by just one malware-infected smart device. Mojave Networks addresses those concerns by offering enterprise-grade security for mobile devices from the cloud.
Security researcher Michael Sutton is really concerned. He says most companies haven’t advanced their security strategies to keep pace with today’s threats—especially the most serious advanced persistent threats. He recommends a holistic approach that includes protection, detection and remediation.
It’s growing more difficult to monitor and manage the near-constant changes to network configurations. Tufin Technologies introduces security policy orchestration is order to bring automation, collaboration and integration to the process. The benefits include reducing the time to make secure changes from a week to a day.
According to OWASP, the top threat to Web applications is SQL injections that modify code in order to steal data. While traditional perimeter defenses have not been able to prevent these attacks, DB Networks has introduced a new core IDS that uses behavioral analysis to scrutinize the SQL code that is accessing databases.
Companies use surveillance cameras to record what is happening in physical locations. Now take that concept and apply it to IT systems. ObserveIT records the user interface actions that occur when someone is accessing your systems or applications. The result is a detailed audit trail that shows precisely who did what in both video and transcript format.
Startup Malcovery Security has a unique way of looking at phishing attacks. Through deep analysis of phishing spam, Malcovery can often identify the precise person behind waves of attacks. The idea is to take that person out of commission – preferably to put them behind bars – in order to eliminate the source rather than just the symptoms of phishing.
A new certification designed to advance industrial cyber security will launch in November. The cross-discipline certification focuses on the foundational knowledge that professionals responsible for securing critical infrastructure assets should know.
When you think of tech hubs – places with all of the resources to support innovative IT companies – you think of Silicon Valley, of course, and perhaps Austin, Boston and New York City. Would it surprise you to learn that an up-and-coming city in the southeastern part of the U.S. is also working hard to join those ranks?