I was recently asked to host a round table discussion on ‘Governance, Risk and Compliance' (GRC), and I have to admit I was more than a little excited. Why? Because the other people around the table were leading lights in the world of Cybersecurity, Risk and Resilience, and I was looking forward to exploring how a GRC framework can work across...

Data leaks happen once every few months at least. Millions of users can have their phone number, address, and Social Security Number smeared across the internet in a matter of seconds. Your online browsing behavior is also sold legally by tech companies to the highest bidder. Ever seen an ad that is a little too specific? Most major tech companies...

2021 is a significant year for aviation. It marks the 20th anniversary of the 9/11 attacks, the worst acts of unlawful interference in the history of aviation. It is also the Year of Security Culture for the ICAO community, which aims to enhance security awareness and foster a security culture throughout the industry. The importance of understanding...

Container orchestration platform Kubernetes announced in December 2020 that its third and final release, Kubernetes v1.20, would deprecate dockershim and subsequently Docker as a container runtime. This deprecation has brought multiple changes that admins must be aware of and accordingly respond to. To best understand these changes and how...

These days, it’s not a matter if your password will be breached but when. Major websites experience massive data breaches at an alarming rate. Have I Been Pwned currently has records from 543 sites comprising 11.4 billion accounts. This includes well-known names like Wattpad, MySpace, and Facebook. This is an 84% increase in the number of sites and...

Gary Hibberd, professor of communicating cyber for Cyberfort and former head of business continuity and information security at various companies, teaches the importance of building resilience in your organization not just with technology but also with people and processes. https://open.spotify.com/episode/3jR9SJrjzjRqRZZYfqoXy2 Spotify: https:/...

Digital transformation is at the heart of every industry. There are no longer any industries that are immune to the rapid adoption of this movement. When we think of the construction industry, we may think back to an image of ironworkers sitting over a city and enjoying a lunch break on a construction beam. However, rapid digitalization has...

Over the years, there have been many news headlines, policy reports, white papers, and corporate newsletters that have highlighted cybersecurity workforce challenges; namely, the global shortage of cybersecurity professionals. Some of the challenges involved in achieving a more desirable cyber workforce include addressing the barriers to entry for...

Storage drive maker Western Digital is telling owners of its WD My Book Live device to disconnect it from the internet after reports that some have had their data erased by malicious software. According to an advisory issued by the firm, malicious attackers are compromising the devices – commonly used to back up data such as home movies,...

In the beginning of May, a U.S. pipeline company suffered a ransomware attack. The company decided to respond by halting operations while it investigated the incident. This delayed tens of millions of gallons of fuel from reaching their destination all along the East Coast. Less than a week later, Bloomberg reported that the company had paid...

Back in September 2020, I configured a SonicWall network security appliance to act as a VPN gateway between physical devices in my home lab and cloud resources on my Azure account. As I usually do with new devices on my network, I did some cursory security analysis of the product and it didn’t take long before I had identified what looked like a...

When it comes to evaluating technology in the home, there seems to be no shortage of new devices and shiny gadgets, mainly part of the Internet of Things (IoT), to discuss. Unfortunately, there seems to be no shortage of security issues to consider regarding these same devices, either.It's not uncommon to hear of "virtual break-ins" caused by a...

Everything evolves. Simply stated, the gradual development of something from a simple to a more complex form is what evolution is all about. When something ceases to evolve, yet still exists, it becomes classified as a living fossil. One example is the Ginkgo Biloba tree. It took millions of years for this evolution to cease. This all happened...

Confidence isn’t new when it comes to cybersecurity. All the way back in 2015, for example, 86% of security professionals working in the energy sector told Tripwire that they were confident they could detect a breach in a week. Just less than half (49%) said it wouldn’t take them longer than a day to spot an attack. It was the same story a year...

In a previous article, we introduced the fact that one of our largest growing populations is that of the “Baby Boomer” generation (those born between 1946 to 1964). As the Boomers get older, they become susceptible to many of the emerging dirty tricks that exist on the Internet. Phone scams, lottery scams, tech support scams, and a host of other...

Six people alleged to be part of the notorious CLOP ransomware gang have been detained and charged by Ukrainian police, following nearly two dozen raids across the country. According to a statement released by the Ukraine's cyber police, the hacking group is thought to have inflicted $500 million worth of damage on universities and organisations it...

Data breaches are costing organizations millions of dollars on average. In its 2020 Cost of a Data Breach Report, IBM found that a data breach cost the average organization $3.86 million. This price tag was even greater for organizations located in the United States and operating in the healthcare industry at $8.64 million and $7.13 million,...

Back in 2018, the State of Security spent a lot of time going over v7 of the Center for Internet Security’s Critical Security Controls (CIS Controls). We noted at the time how the Center for Internet Security shuffled the order of requirements for many of the existing controls in that version. It also cleaned up the language of the CIS Controls,...

The head of the UK's National Cyber Security Centre has warned that ransomware has become the biggest threat to British people and businesses. In a speech being given today by Lindy Cameron, chief executive of the NCSC, to the RUSI think tank, she highlights the need for ransomware problem to be taken seriously, and warns of the "cumulative...

Dr. Eric Cole, former CISO and founder of Secure Anchor Consulting, explains how learning to communicate with business language can create a more compelling case for executive buy-in. https://open.spotify.com/episode/7fFPZyFkP4eB1DoMdPcdOv?si=6f16ad3361f24256 Spotify: https://open.spotify.com/show/5UDKiGLlzxhiGnd6FtvEnm Stitcher: https://www...