Resources and insights
The latest industry news, interviews, technologies, and resources.
SOX Cybersecurity Compliance
Implementing Security Controls for Sarbanes-Oxley Compliance Requirements The Sarbanes-Oxley Act (SOX) is a federal act passed in 2002 following financial scandals at Enron Corp., Tyco International, and WorldCom. The fallout from these events led Congress to strengthen disclosure and auditing requirements for public companies to restore investor
8 minute read
What is LDAP?
The Directory Access Protocol (DAP) is a protocol for accessing information in a directory service based on the X.500 recommendations. The Lightweight Directory Access Protocol (LDAP), as the name implies, is a lightweight, vendor-neutral version of DAP.
6 minute read
3 Current Phishing Techniques That Put Your Business at Risk
Phishing is a perennial cyber risk for businesses and organizations of every size, in every industry. It’s a popular social engineering method designed to fool recipients into clicking malicious links, providing hackers access to their networks, or divulging Personally Identifiable Information (PII) or sensitive company data like credentials or
5 minute read
Why Faster Ransomware Means Defenders Must Shift Left on the Cyber Kill Chain
We all know ransomware is among the top threats facing today’s organizations. Whether you’re a provider of critical national infrastructure or a regular SMB, there’s increasingly nowhere to hide. The advent of ransomware-as-a-service and the affiliate model has led to an explosion in the number of threat groups out there successfully monetizing
5 minute read
Beating BEC with People, Process and Technology
Business email compromise (BEC) is a typically dispassionate piece of cybersecurity terminology that actually signifies one of the biggest online threats facing organizations today. In fact, threat actors made more money from BEC scams last year than any other type of cybercrime, according to an annual FBI report published recently. The bad news
4 minute read
The Lapsus$ Group: Who They Are and How to Protect Your Business
Staying one step ahead of cybercriminals takes extensive effort, especially when the targets seem to be constantly moving. There are new and persistent threats coming onto the scene all the time, some more alarming and chaotic than others. Recent hacks by a newer group called Lapsus$ are making waves in the infosec and business communities. Unlike
6 minute read
Network Detection and Response Becomes More Essential as Nation State Attacks Escalate
On March 21, President Biden declared that US critical infrastructure is likely to soon come under concerted attack from the Kremlin. In fact, these warnings have been coming for several weeks now — ever since Russia invaded Ukraine. The surprise in cyber and national security circles is that such attacks have yet to materialize.
4 minute read
How To Close the IoT Security Gaps In Your ICS Networks
Today’s industrial control system (ICS) networks are much more advanced than networks of the past. In addition to IT systems, IoT devices like cameras, tablets, asset management sensors, and environmental monitoring devices are deployed to streamline workflows and enhance data-driven decisions.
4 minute read
Are You Leaving Third Party Risk Management to Guesswork?
Third-party risk management is never something that should be neglected or left to guesswork. Unfortunately, third-party data breaches have proven to be catastrophic for organizations worldwide. Recent attacks such as the SolarWinds breach and the Kaseya incident demonstrate the need for increased third-party risk management.
5 minute read
