Web 3.0, An Interview With Security Expert Jenna Waters
Semantic Web, or Web 3.0, which leverages blockchain technology and scores of individual nodes to accomplish what the creators of Startup envisioned in their storyline. Writers of that show correctly predicted that such a web would impact 3 key areas – security, privacy, and social structures – in both anticipated and unanticipated ways.
Read More
What is Identity and Access Management and should I be using it?
Identity and Access Management lets you set rules for who gets access to your organization’s data.
Read More
Here are the 5 Unmentioned Soft Skills You’ll Need to Pass the OSCP Exam
Passing the Offensive Security Certified Professional exam requires more than technical expertise. Master these overlooked skills to up your chances.
Read More
Risky Business – Vendor Risk Management (VRM)
Businesses are becoming more dependent on vendors. Working with a vendor comes with great advantages such as getting help from subject matter expert (SME) without having to internally hire full-time employees. Ultimately, this will save the business additional cost, reducing the time it takes to complete tasks, as well as sharing responsibilities and risks associated with tasks performed and service provided by a vendor. While all those advantages will make your life easier and help you stretch resources in a more cost-effective way, there are also disadvantages that you need to consider before jumping into working with a vendor – whether that vendor is a small business or a well-known business.
Read More
Tough Cyber-Insurance Renewal Season May Change How You Approach Internal Security Training
TRUE caught up with Vice President of Risk Advisory, Tim Marley, and Cybersecurity Consultant Corey Bolger about upcoming changes to cyber-insurance and trends they are seeing. Their two cents might get you thinking.
Read More
The Dunning-Kruger Effect and Why It Convolutes Cybersecurity
Next time you think something is easy and you’re crazy good at it, beware of the Dunning-Kruger (D-K) Effect. Psychology Today describes this as when you mistakenly believe your competence in an area to be high and, therefore, don’t realize you have much to learn. This overconfidence then prevents you from seeking the very knowledge that would help you understand and perform better.
Read More
Water Sector: How Should You Start Assessing Risk and Sharing Threat Information?
Assessing Risk and Information Sharing (exchanging threat intelligence with others). Both controls rely upon a having a strong knowledge base around how attackers are attacking. The industry terminology for this knowledge is what we call Tactics, Techniques, and Procedures, or TTP for short. Knowing the methods and motivations of real-world attacks requires having a pulse on the global threat landscape and how it impacts individual organizations. Working with vendors who offer security-first products and proactive guidance is a great way to gain direct access to this knowledge.
Read More
Microsoft Announces New Subscription Pricing for M365
Microsoft announced they will be increasing the pricing of the subscription for many of the Online Subscriptions. According to Jared Spataro, Corporate Vice President for Microsoft 365, this is the first time Microsoft has increased its prices since 2011.
Read More
Water Sector: Tackling IT-Security Fundamentals with Strategic Partnerships
Water and Wastewater Facilities are facing a crucial time in their journey to modernization, as Digital Transformation is bringing about a shift in risk. For those of us who specialize in cybersecurity and critical infrastructure, it was no surprise that cybersecurity recently moved up from number 16 to number 12 in top risks facing the water sector (American Water Works Association). As industry modernization projects like smart water systems and advanced data analytics are rolled out, we can only expect this trend to rise, with cybersecurity’s taking centerstage as the number one concern. Cybersecurity is a growing concern not just within the water sector, but across all industries.
Read More
Azure Information Protection
Due to the increased mobility of workers and staff working remotely, more businesses are relying on cloud services to ensure their workforce can access the files needed to do their job in a timely manner. With this increased availability, however, comes increased risk. Azure Information Protection – also known as AIP – provides a way to label and protect files and emails no matter where they are stored, change access rights after a document has left the security of your network, and see who has been accessing your confidential files.
Read More