Regaining Trust After a Data Breach Any business of any size can become a victim of a data breach. We tend to think of data breaches as cybersecurity threats for large organizations, but here are some facts to reveal the scope of the real cybersecurity threat landscape for data breaches: A Verizon Data Breach Investigation Report […]
Category: IT Security
Categories
Cyber Threat Intelligence
Cyber Threat Intelligence Cyber threat intelligence (CTI) aims to develop timely, relevant, and actionable intelligence about emerging threats and key threat actors to enable effective cybersecurity decisions.1 CTI is a data-driven four-phase process. CTI professionals can be expected to proceed through the following general CTI lifecycle: Phase 1: Intelligence planning/strategy. Organizations will first define their intelligence needs by […]
Categories
Data Ethics
Data Ethics What is Data Ethics? Floridi & Taddeo1 define data ethics as, “…the branch of ethics that studies and evaluates moral problems related to data (including generation, recording, curation, processing, dissemination, sharing, and use), algorithms (including artificial intelligence, artificial agents, machine learning, and robots) and corresponding practices (including responsible innovation, programming, hacking, and professional codes), in order […]
Categories
Endpoint Defense
Endpoint Defense IT endpoints are the devices that people use to access company resources. Examples of endpoints are personal computers, mobile devices, point-of-sale terminals, and other various devices where data is created, processed, and stored, such as IoT devices. The explosive growth of endpoints has been coupled with the explosive growth of cyber threats on endpoints, making endpoint […]
Categories
Ransomware in School Districts
Ransomware in School Districts Ransomware attacks in educational organizations and school districts are on the rise, with at least 830 individual schools having experienced incidents between January and July 2021.1 The beginning of the school year is a prime time for ransomware attackers targeting schools, with several ransomware incidents occurring in recent years that delayed the first […]
What is Password Management? Passwords are strings of characters used to verify the identity of a user in an authentication process. While passwords remain as one of the most secure methods of authentication available, they continue to remain vulnerable to security threats. Account management, authentication, and password management are essential activities to protect data security, but […]
Categories
What is Biometric Authentication?
Biometric Authentication Biometric authentication is a security process that relies on unique biological characteristics of individuals to verify their identity. Biometric authentication systems compare physical or behavioral traits to those that are stored in their database. An authentication is confirmed when both samples match. Biometric authentication is often used to manage access to physical and digital […]
Cybersecurity training: Need “…a red-hot poker to open up my eyes, it’s so boring” Reeves et al.1 authored an illuminating review of cybersecurity training and how it’s going these days. Spoiler alert: not great! While a large number of cybersecurity officers assert that employee education and training is their highest priority and have invested in security […]
Categories
Business Email Compromise
What is Business Email Compromise? The Cybersecurity and Infrastructure Security Agency (CISA) explains a social engineering attack as an incident where “…an attacker uses human interaction (social skills) to obtain or compromise information about an organization or its computer systems.”1 An attacker may seem innocuous or even charming, and may claim to be a new hire, a […]
Categories
Is Your Organization Cyber Resilient?
Cyber resilience is defined as the ability of an organization to continue to function, even in a degraded manner, after components of the organization have been disrupted due to information system failures that randomly occur or are consequences of a cyberattack. 1 We often think of the quality of “resilience” as a feature of one’s […]