Have you noticed consumer and business sites including mobile applications requiring multiple steps to verify who you are? Perhaps you’ve set-up a multi-step verification method to access your bank or Google email account? This security measure is growing in popularity as most data breaches today begin with a set of compromised credentials. From financial institutions to online stores to social media sites, many businesses are now requiring multiple factors of verification to ensure a user is who they say they are, reducing the chances of a cybercriminal successfully gaining access to their networks.
Today, your applications and files are no longer all contained within your four walls. Your staff may work from home or is on the move which means they are accessing your company's data and apps from multiple locations and on multiple devices. To keep your data secure, you need to know who is knocking at the door before you let them in. Your business might require complex passwords, but in reality, your staff is most likely using the same passwords across personal and business accounts, and the cybercriminals know it.
In 2018, there was 49.8 million tons of e-waste generated worldwide. The US contributed a staggering 10 million tons of this waste, and our share is growing. As environmental and health concerns arise over the ever-increasing e-waste, it is the responsibility of everyone to ensure its proper disposal.
Microsoft recently announced a pair of Windows 10 Remote Code Execution vulnerabilities, CVE-2019-1181 and CVE-2019-1182. These vulnerabilities allow cybercriminals to obtain remote control of a computer over a network connection. Microsoft discovered the vulnerabilities during routine testing of Windows 10, which allowed them to publish the required security updates and notify the public at the same time.
In my blog article posted on July 14, 2017, I covered the Foundations of Quality and Continuous Improvement which discussed the importance of establishing business quality across the board. In this blog post, I will talk about Root Cause Analysis, a method used to discover the root or cause of an issue or problem when quality breaks down.
Email can work for you, and it can be used against you. On the positive side, it's a tool that allows organizations to collaborate, communicate, and save time.
On the negative side, cybercriminals are savvy enough to use it as a weapon to send phishing and spear-phishing emails to unsuspecting recipients allowing confidential data to be exposed and money to be stolen.
Many organizations include the review of Service Organization Controls (SOC) examination reports in their annual vendor due diligence activities; however, most are unsure of what they should be looking for in the report. Determining what is relevant and knowing how to read a SOC examination report can help to ensure that organizations get the most value and assurance out of their review.
The role of the Information Security Officer (ISO) varies based on the size and complexity of an organization. It may be a full or part-time position held by an employee having only ISO responsibilities or by an employee having other roles within the organization. A primary role of the ISO is to work with management to strengthen its information security program and to protect the organization’s information assets.
Systems Engineering’s (SE) Lunch & Learn "Information Security Evolution and the Modern Network" was recently held in Bangor and Portland, ME and Nashua, NH. This event covered cybersecurity, its current state, how threat intelligence has grown, and an overview of the evolving layers of security.
Six years ago, your business might have had 400 gigabytes (GB) of data stored on the network. Maybe two-thirds of that was actual business data comprised of files, vertical application data, and email. The rest was overhead.