These days, it’s not a matter if your password will be breached but when. Major websites experience massive data breaches at an alarming rate. Have I Been Pwned currently has records from 543 sites comprising 11.4 billion accounts. This includes well-known names like Wattpad, MySpace, and Facebook. This is an 84% increase in the number of sites and...

Gary Hibberd, professor of communicating cyber for Cyberfort and former head of business continuity and information security at various companies, teaches the importance of building resilience in your organization not just with technology but also with people and processes. https://open.spotify.com/episode/3jR9SJrjzjRqRZZYfqoXy2 Spotify: https:/...

Digital transformation is at the heart of every industry. There are no longer any industries that are immune to the rapid adoption of this movement. When we think of the construction industry, we may think back to an image of ironworkers sitting over a city and enjoying a lunch break on a construction beam. However, rapid digitalization has...

Over the years, there have been many news headlines, policy reports, white papers, and corporate newsletters that have highlighted cybersecurity workforce challenges; namely, the global shortage of cybersecurity professionals. Some of the challenges involved in achieving a more desirable cyber workforce include addressing the barriers to entry for...

Storage drive maker Western Digital is telling owners of its WD My Book Live device to disconnect it from the internet after reports that some have had their data erased by malicious software. According to an advisory issued by the firm, malicious attackers are compromising the devices – commonly used to back up data such as home movies,...

In the beginning of May, a U.S. pipeline company suffered a ransomware attack. The company decided to respond by halting operations while it investigated the incident. This delayed tens of millions of gallons of fuel from reaching their destination all along the East Coast. Less than a week later, Bloomberg reported that the company had paid...

Back in September 2020, I configured a SonicWall network security appliance to act as a VPN gateway between physical devices in my home lab and cloud resources on my Azure account. As I usually do with new devices on my network, I did some cursory security analysis of the product and it didn’t take long before I had identified what looked like a...

When it comes to evaluating technology in the home, there seems to be no shortage of new devices and shiny gadgets, mainly part of the Internet of Things (IoT), to discuss. Unfortunately, there seems to be no shortage of security issues to consider regarding these same devices, either.It's not uncommon to hear of "virtual break-ins" caused by a...

Everything evolves. Simply stated, the gradual development of something from a simple to a more complex form is what evolution is all about. When something ceases to evolve, yet still exists, it becomes classified as a living fossil. One example is the Ginkgo Biloba tree. It took millions of years for this evolution to cease. This all happened...

Confidence isn’t new when it comes to cybersecurity. All the way back in 2015, for example, 86% of security professionals working in the energy sector told Tripwire that they were confident they could detect a breach in a week. Just less than half (49%) said it wouldn’t take them longer than a day to spot an attack. It was the same story a year...

In a previous article, we introduced the fact that one of our largest growing populations is that of the “Baby Boomer” generation (those born between 1946 to 1964). As the Boomers get older, they become susceptible to many of the emerging dirty tricks that exist on the Internet. Phone scams, lottery scams, tech support scams, and a host of other...

Six people alleged to be part of the notorious CLOP ransomware gang have been detained and charged by Ukrainian police, following nearly two dozen raids across the country. According to a statement released by the Ukraine's cyber police, the hacking group is thought to have inflicted $500 million worth of damage on universities and organisations it...

Data breaches are costing organizations millions of dollars on average. In its 2020 Cost of a Data Breach Report, IBM found that a data breach cost the average organization $3.86 million. This price tag was even greater for organizations located in the United States and operating in the healthcare industry at $8.64 million and $7.13 million,...

Back in 2018, the State of Security spent a lot of time going over v7 of the Center for Internet Security’s Critical Security Controls (CIS Controls). We noted at the time how the Center for Internet Security shuffled the order of requirements for many of the existing controls in that version. It also cleaned up the language of the CIS Controls,...

The head of the UK's National Cyber Security Centre has warned that ransomware has become the biggest threat to British people and businesses. In a speech being given today by Lindy Cameron, chief executive of the NCSC, to the RUSI think tank, she highlights the need for ransomware problem to be taken seriously, and warns of the "cumulative...

Dr. Eric Cole, former CISO and founder of Secure Anchor Consulting, explains how learning to communicate with business language can create a more compelling case for executive buy-in. https://open.spotify.com/episode/7fFPZyFkP4eB1DoMdPcdOv?si=6f16ad3361f24256 Spotify: https://open.spotify.com/show/5UDKiGLlzxhiGnd6FtvEnm Stitcher: https://www...

In Part 1 of this series, we introduced the concept that the most vulnerable people on the internet are our senior population. According to the FBI, elder fraud impacts millions of American seniors every year. Figures from the United Kingdom show similar levels of criminal activity targeting seniors. Most of the elder fraud schemes are financially...

If you are new to the security world, it is fair to ask yourself, “Isn’t access to data and systems always conditional? Isn’t it always granted to someone who has access to the credentials (ID and password)?” True enough, but in totality, the approach to managing access encompasses a broader spectrum of privacy policies. These policies include a mix...

On January 20, President Joseph Biden issued Executive Order (E.O.) 13990 to help protect U.S. bulk power organizations. This Order enacted a 90-day suspension of E.O. 13920 which was set by the previous administration. The new executive order empowered the Secretary of Energy (“Secretary”) to publish new criteria around pre-qualifying vendors of...

Cloud-native applications that are based on new types of infrastructure such as containers and serverless platforms are being rapidly adopted by organizations worldwide. While cloud-native applications deliver compelling benefits such as elastic scalability, unmatched resilience and rapid development velocity, they also raise challenges. Cloud...