-
Data Security
Jul 08, 2022
What is the CIA Triad?
When most people think of the CIA, they picture suits and ties, espionage, and James Bond. But the CIA triad (which stands for confidentiality, integrity, and availability) protects organizations from a different type of danger. The CIA triad we’ll be discussing is a security model designed to guide an organization in establishing its security infrastructure. It consists of key principles and objectives for information security programs and strategy development.
Josue Ledesma
5 min read
-
Data Security
Jul 07, 2022
What Is Network Access Control? Explaining NAC Solutions
Frustrated with the slow wifi speed in my hotel room — and irritated at the hard upsell to a “premium” tier speed — I took matters into my own hands and plugged my travel router directly into the hotel's unthrottled wired network. I didn’t actually expect this to work; surely an international hospitality chain would have some sort of basic network access control (NAC) in place. But my instantaneous speed upgrade suggested two things: 1) I was successful in my quest, and 2) this hotel group might need to work on network security.
Robert Grimmick
10 min read
-
Data Security
Jul 05, 2022
Ransomware Statistics, Data, Trends, and Facts [updated 2024]
Ransomware is a form of malicious software that infiltrates a computer or network and limits or restricts access to critical data by encrypting files until a ransom is paid. The first use of ransomware dates back to 1989, when floppy disks were high-tech and the price of the ransom was a mere $189.
Rob Sobers
11 min read
-
Data Security
Jul 01, 2022
What is SSPM? Overview + Guide to SaaS Security Posture Management
Companies today rely on dozens to hundreds of software-as-a-service (SaaS) applications for their workload, data, and processes. The lower costs, ease of use, scalability, and integration capabilities of SaaS apps offer an attractive alternative to on-premise solutions. But as with all cyber offerings, SaaS apps are susceptible to attacks, and so the need for SaaS security posture management (SSPM) was born.
David Harrington
8 min read
-
Data Security
Jun 30, 2022
IDS vs. IPS: What Organizations Need to Know
Network administrators need to employ tools to protect their network and prevent malicious actors from gaining access. Intrusion detection systems (IDS) and intrusion prevention systems (IPS) are categories of tools commonly used for this purpose. It’s important to know the difference between them, which are best for certain types of organizations, and how to maximize their effectiveness.
Josue Ledesma
5 min read
-
Data Security
Jun 30, 2022
DNS over HTTPS as a covert Command and Control channel
DNS is known as one of the most fundamental and important protocols of the TCP/IP stack. We rely on DNS for the most basic online activities (like watching cat videos on Instagram).
Masha Garmiza
4 min read
-
Data Security
Jun 29, 2022
What is Red Teaming? Methodology & Tools
It may seem counterintuitive to pay someone to tell you your shortcomings, but smart companies today are shelling out dollars and resources to do just that, in the form of red teaming. Red teaming is the practice of testing the security of an organization’s systems by emulating a malicious actor and hacking into secure systems or data. A red team can be an externally contracted group of penetration testers or a team within your own organization, designed to hack your system to prepare for a wide variety of cyberattacks and breach scenarios before they occur. If your organization has outstanding penetration testing tools and endpoint detection processes, for instance, red teams may try phishing or breaching physical access controls during a simulation.
David Harrington
11 min read
-
Data Security
Jun 29, 2022
What is a Security Policy? Definition, Elements, and Examples
Raise your hand if the question, “What are we doing to make sure we are not the next ransomware victim?” is all too familiar. If you’re a CISO, CIO, or IT director you’ve probably been asked that a lot lately by senior management. While it might be tempting to try out the latest one-trick-pony technical solution, truly protecting your organization and its data requires a broad, comprehensive approach. And there’s no better foundation for building a culture of protection than a good information security policy.
Robert Grimmick
9 min read
-
Data Security
Jun 29, 2022
What is Open XDR? Benefits and Security Comparisons
In an ever-changing cybersecurity environment, organizations must adapt their security tech stack in order to better secure themselves. As environments get more complicated, open XDR has emerged as an advanced detection and response tool companies should consider.
Josue Ledesma
5 min read
-
Data Security
Jun 25, 2022
What is Traceroute? How It Works and How to Read Results
Every second, trillions of 1’s and 0’s zip through fiber-optic links, skip from continent to continent through undersea cables and wirelessly bring users all over the world the Internet we know and love. But have you ever wondered exactly how those bits of data move from one place to another? Traceroute, a tool you may already have, can provide some insights by tracing the path between your computer and a target destination. In this post, we’ll look at what traceroute is and how traceroute works, learn how to run traceroute on several different platforms, and how to read a traceroute output.
Robert Grimmick
10 min read
-
Data Security
Jun 24, 2022
What is an Insider Threat? Definition and Examples
Images of an elite hacker commandeering an organization’s network from halfway across the globe might play out well in Hollywood, but for many CISOs, an insider threat ranks high on the list of things keeping them up at night.
Robert Grimmick
7 min read
-
Data Security
Jun 24, 2022
Evil Twin Attack: What it is, How to Detect & Prevent it
As Wi-Fi has become increasingly abundant across many private and public spaces, it has become a breeding ground for malicious hackers and bad actors. One of these attacks is known as the evil twin attack, which takes advantage of individuals looking to connect to Wi-Fi via their devices.
Josue Ledesma
5 min read