IT - Security

(In)Secure Magazine Issue 67 Released
HelpNet Security, November 12th, 2020
(IN)SECURE Magazine is a free digital security publication discussing some of the hottest information security topics

Issue 67 has been released today. It's a free download, no registration required.

Table of contents

  • Cooking up secure code: A foolproof recipe for open source
  • Hardware security: Emerging attacks and protection mechanisms
  • How can the C-suite support CISOs in improving cybersecurity?
  • Review: Netsparker Enterprise web application scanner
  • Mapping the motives of insider threats
  • Three places for early warning of ransomware and breaches that aren't the dark web
  • The lifecycle of a eureka moment in cybersecurity
  • Review: ThreadFix 3.0
  • Which cybersecurity failures cost companies the most and which defenses have the highest ROI?
  • Justifying your 2021 cybersecurity budget
  • Keep remote workers and their devices secure with one click
  • How to build up cybersecurity for medical devices
  • State-backed hacking, cyber deterrence, and the need for international norms
  • DaaS, BYOD, leasing and buying: Which is better for cybersecurity?

Get the latest issue of (IN)SECURE Magazine and subscribe for free.

Deception tools have come a long way in a few years and can now more closely emulate real network activity and help security teams identify and stop attacks

"A few years ago, many deception technology companies were in the process of adding advanced features like cloud integration, artificial intelligence (AI) and automation to their platforms to combat increasingly advanced threats. The upgraded defenses were necessary because skilled attackers were starting to unmask and circumvent classic deception tricks like dropping breadcrumbs pointing at fictitious, static assets. Today, deception technology again has the upper hand and can deploy a labyrinth of realistic looking but fake assets that act very much like the real thing..."

Learn how to present important cybersecurity metrics for the board to ensure that business leaders understand that money allocated to security is money well spent

"Cybersecurity is critical. Everyone knows that. Justifying to the board of directors the amount of money needed to sustain cybersecurity? That's not as straightforward, and that's why IT security managers must continually find ways to explain the value a comprehensive cybersecurity strategy brings to the overall business.

The goal should be to illuminate -- without getting too technical -- those cybersecurity operational metrics and measures that paint a picture of the current threat landscape. Let's look at some of the most important cybersecurity metrics for the board..."

Data Breach Response: How To Plan And Recover
SearchSecurity, November 12th, 2020
Download a planning guide from CompTIA to ensure your company and your customers are prepared and can respond when a ransomware attack or data breach strikes

"Ransomware isn't a customer problem -- it's an everyone problem. Increasingly, that includes solution providers who have become targets of cyber criminals because of their relationships to numerous small business customers.

Last year, research by Continuum revealed that 83% of managed service providers (MSPs) have reported customer cyber attacks, and 74% of those said they've been a cyber victim themselves. Unfortunately, in most instances it appears that it's only a matter of when, not if, providers will fall prey to the bad guys.."

The Double-Edged Sword Of Cybersecurity Insurance
Dark Reading, November 10th, 2020
With ransomware on the rise, more organizations are opting to purchase cyber insurance -- tipping off criminals about how much to demand for access back to pilfered systems and data

"Cybersecurity insurance is no longer a luxury. As attacks have accelerated - and become more costly - the idea of hedging against a breach has gone mainstream. The global cyber-insurance market now stands at $7.8 billion, but it's projected to reach $20.4 billion by 2025, according to an October 2020 report from ResearchAndMarkets.

Indeed, companies are incorporating cybersecurity insurance into their overall business strategies, says Alexander Chaveriat, chief innovation officer at Tuik Security Group. But - and should we really be surprised? - cybercriminals have also recognized that where there's insurance, there's opportunity..."

Top 5 IT Security Tips For Businesses
Business 2 Community, November 13th, 2020
From reviewing your policies, performing an IT audit and training employees - find out some of the key measures to make sure your business is protected against cyber threats

"Companies and business leaders in the IT space have been increasingly raising awareness about cybersecurity, bringing up some of the most common threats and gaps in IT security for businesses, to help them to step up with the latest solutions.

Cybersecurity has taken the spotlight recently more than ever, because hackers and malicious attackers take no rest, and the threats are only becoming greater. The latest figures from the Information Commissioner's Office (ICO), 37% of companies reported a data breach incident between 2019 and 2020. Other reports have shown that, every day, around 65,000 attempts to SMEs and SMBs occur in the UK every day, and around 4,500 of them are successful..."

What Is DNS-Over-HTTPS And Should You Be Using It?, November 9th, 2020
There's no doubt about it - encrypting DNS improves user security and privacy

"Throughout the history of the internet, traditional Domain Name System (DNS) traffic - for example, user requests to go to particular websites - has largely been unencrypted. This means that whenever you look a web address up in the 'internet telephone book', every party along the DNS value chain that your request takes is able to look into those queries and responses, or even to modify them. Encrypted DNS, for example using DNS over HTTPS (DoH), changes that..."

See all Archived IT - Security articles See all articles from this issue