Red teaming: Why a forward offense is the best defense
Companies are under constant threat. Opportunistic attackers scan the internet for weak points, motivated attackers target specific organizations for susceptibility to a scam …
Optimizing the patch management process
In this podcast recorded at Black Hat USA 2019, Jimmy Graham, Senior Director of Product Management at Qualys, discusses the importance of a tailored patch management process. …
Moving away from spreadsheets: How to automate your third-party risk management process
Spreadsheets are dumb. Okay, it’s not that spreadsheets are dumb, or that the people who use them are dumb. That’s not at all what I’m saying. What’s dumb is using …
Pitfalls to avoid when improving your software development skills
The dizzying pace of technological change makes knowledge acquisition and skill development a very big deal in the IT and IT security industry. Luckily, the opportunities for …
49% of all risky online transactions come from mobile devices
About half of all risky online transactions appear to be coming from a mobile device, according to iovation. Specifically, in the first half of 2019 49% of all risky …
Embracing the cloud and meeting its security demands
If you want to build a career in information security, there’s no shortage of diverse roles you can aim for. Whether you’ll end up doing that or something else …
Five examples of user-centered bank fraud
In today’s digital-first world, banks and financial service companies need to allow their customers to easily manage money online in order to compete. Unfortunately, most …
Microsoft is right, mandatory password changes are obsolete
Microsoft has recently come out and said that mandatory password changing is ancient and obsolete. This goes directly against everything we were trained to think for the last …
Solving security problems: Security advice for those with limited resources
In this interview, Mark Sangster, VP & Industry Security Strategist at eSentire, gives SMBs advice on how to minimize the risk of a data breach through better security …
How to improve the hiring and retaining of infosec professionals?
The cybersecurity staffing and skills shortage is a well-known reality and the situation is predicted to get worse in the coming years. There are many problems There are …
Thwart the pressing threat of RDP password attacks
How long does it takes for Internet-facing, RDP-enabled computers to come under attack? In some cases, a few minutes. In most, less than 24 hours. The problem with RDP …
Security or compliance? Stop choosing between them
The difference between security and compliance is more than just process. It’s philosophy and practice. Compliance can be one tactical execution of a great security strategy …