Tripwire

tripwire

MalwareTech, WannaCry and Kronos - Understanding the Connections

As Marcus Hutchins was on his way home to the UK after attending Def Con and Black Hat in Las Vegas, NV, the FBI arrested him. This event sparked immediate internet outcry, especially among the cybersecurity community, as Hutchins was better known as MalwareTech and had just made cybersecurity fame by stopping the WannaCry ransomware outbreak a few months prior. So, why did the FBI arrest a newly famous cybersecurity expert?

tripwire

PCI DSS 4.0 Is Coming - Are You Ready?

Ransomware today is a billion-dollar industry. It’s crippled industries like healthcare. In 2017, for instance, WannaCry brought much of the United Kingdom’s National Health Service to its knees using the EternalBlue exploit. It was just a few weeks later when the NotPetya ransomware strain leveraged that same vulnerability to attack lots of industries.

tripwire

The Security Wisdom of the All-Knowing CISO

Have you ever noticed how closely your role as the CISO of your organisation resembles that of the Wizard from “The Wizard of Oz?” As the Wizard, you are expected to be all-knowing, all-seeing and all-powerful. Your role is to keep everyone safe from the evils of the world while frantically pulling levers, pressing buttons and turning dials behind the curtain.

tripwire

Cloud-Based Storage Misconfigurations - Understanding the Security Risks and Responses

Misconfigurations remain one of the most common risks in the technology world. Simply telling organisations to “fix” this problem, however, is not as easy as it might first seem because there’s a myriad of technologies at play in modern infrastructure deployments. All of this results in a complicated mix of hardening approaches for each system. What is key, then, is to identify where hardening is required and then consider the methodology for each area.

tripwire

Cybersecurity Challenges: Understanding the What, How and When of Change

I subscribe to a newsletter from Gary Burnison, CEO of Korn Ferry. His messages address a wide variety of career and personal issues in a thoughtful and educational manner. A recent Special Edition message was titled Exceeding Potential. It specifically addressed how opportunities present themselves and how to view and leverage them. He closed his message with this statement: It’s true that leaders are in the “what,” “how,” and the “when” business.

tripwire

Fixing the "Human Error" Problem

Last year, Verizon’s data breaches report showed that “human error” was the only factor with year-over-year increases in reported incidents. The average cost of data breaches from human error stands at $3.33 million, according to IBM’s Cost of a Data Breach Report 2020. Even big companies and government entities have fallen victim to data breaches caused by human error.

tripwire

ENISA Releases Guidelines for Cloud Security for Healthcare Services

The healthcare sector is undergoing digitalization and adopts new technologies to improve patient care, offer new services for remote patients and reach operational excellence. The integration of new technologies in the complex healthcare IT infrastructure creates new challenges regarding data protection and cybersecurity.

tripwire

10 Database Security Best Practices You Should Know

According to Risk Based Security’s 2020 Q3 report, around 36 billion records were compromised between January and September 2020. While this result is quite staggering, it also sends a clear message of the need for effective database security measures. Database security measures are a bit different from website security practices. The former involve physical steps, software solutions and even educating your employees.

tripwire

4 Key Cybersecurity Trends Confronting Canada's Electric Sector

Digital attackers are increasingly targeting energy organizations including those that support national electric grids. As reported by Morning Consult, security researchers found that utilities worldwide had suffered a recorded 1,780 distributed denial-of-service (DDoS) attacks between June 15 and August 21, 2020. That’s a 595% year-over-year increase.

tripwire

Are Your IT Infrastructures Up to Date with the Cybersecurity Compliance Laws in 2021?

It’s an unfortunate fact that cybersecurity is rarely the foremost of concerns among small- to medium-sized businesses. However, investing in cybersecurity is becoming even more important as these organizations undergo digital transformation. It may seem like there are more important priorities on which a small business could focus, but putting your company and your customers at risk of a cyberattack can have huge consequences.