Featured content

Two-factor authentication (2FA) is one of the most effective ways to reduce the risk of your employees falling victim to an account takeover, potentially exposing your organization’s sensitive assets and accounts.

Threat modeling is a key responsibility for any cybersecurity team that is looking to protect their organization and their organization’s assets. It’s designed to help cybersecurity teams proactively find and identify potential risks and threats, working through scenarios, response models, and other forms of threat detection.

Cloud apps make collaboration a breeze, but unless you’re keeping a close watch on identities, behavior, and privileges across each and every SaaS and IaaS you rely on, you’re a sitting duck.

When responding to a cybersecurity incident I’ve always found memory forensics to be a great skill to have. By capturing the memory of a compromised device you can quickly perform some analysis to identify potential malware and gather IOC’s which can then be used to identify other compromised devices.

One of the newest regulations for payment services and processors is the European Union’s Payment Services Directive or PSD2. The PSD2 began taking effect in September of 2018 and is designed to boost digital banking innovation while increasing security and consumer rights. Although PSD2 is an EU regulation, it’s expected to have a major impact on how banks, payment processors, and fintech firms do business globally.

In previous weeks we mentioned that the group behind the REvil ransomware attack has vanished from the internet, which makes it particularly surprising that a universal decryption key has been released this week. The key should allow all the victims that didn’t have backups to unlock their files. The mysterious appearance of this key has led to wild speculation including the possibility of the Russian government’s involvement or the payment of the $70 million Ransom.

A brute force attack (also known as brute force cracking) is the cyberattack equivalent of trying every key on your key ring, and eventually finding the right one. 5% of confirmed data breach incidents in 2017 stemmed from brute force attacks.

PCI compliance is a set of standards and guidelines for companies to manage and secure credit card related personal data. The major credit card companies – Visa, Mastercard, and American Express – established Payment Card Industry Data Security Standards (PCI DSS) guidelines in 2006 in an effort to protect credit card data from theft.

This past week hasn’t seen quite as much activity as others, likely due to the new ransomware task force created in the US and the mysterious disappearance of REvil and other gangs.

For most businesses, data migration is a necessary business process that takes place on a regular basis. Whether it’s implementing a new system or shifting information to more secure storage locations, having a solid data migration strategy that helps organizations is imperative for executive and information technology teams.

Cyber insurance is a necessary component of any IT or cybersecurity department responsible for protecting the assets, data, reputation, and bottom line of a company in the face of cybersecurity threats. While prevention is an important aspect, there’s no tool, solution, or strategy that’s 100% guaranteed to prevent a company from succumbing to a potential attack.

Amazon Web Services (AWS) offers IT infrastructure services (IaaS-Infrastructure as a Service) to businesses in the form of web services commonly known as cloud computing. AWS provides a highly reliable, scalable, low-cost infrastructure platform in the cloud that powers hundreds of thousands of businesses. AWS IAM is a web service that helps you securely control access to Amazon resources.