What’s in Store? Cybersecurity in 2020

/by

TahawulTech | January 2020 (Page 12)

What do you think will be the key drivers for security spending?

We are mid-way through the transition to the cloud, leaving most networks as a complex hybrid. Managing that complexity will be a major spending driver. Another key driver is compliance as the regulatory landscape continues to evolve, new regulations will drive spending. Lastly, cyber insurance will increase in importance in 2020, and this will steer spending towards defences that insurance providers want to see, in much the same way that car insurance drives car safety features. – Mike Lloyd, RedSeal CTO

Read More

12 Strategies To Get Your Staff To Stay On Top Of Software Updates

/by

Forbes | January 16, 2020

A big irony in security is that the more critical a system is, the less likely it is to be patched well! To keep critical systems available, teams often deprioritize security. While security is abstract, an unavailable system is tangible and immediate. Security teams need to make the risk real so downtime seems necessary. Provide specific, personalized scenarios for why the action matters. – Mike LloydRedSeal

Read More

How Defense Contractors Should Prepare for a Cyber Proxy War With Iran

/by

ClearanceJobs | January 10, 2020

A plan of action should include some key fundamentals, explained Wayne Lloyd, federal CTO for RedSeal, a cyber terrain modeling company. This can include: Identifying critical data and where it is housed; knowing what assets – physical and virtual – are on your network; hardening your network devices, making sure they are securely configured; reviewing endpoint data sources to make sure you have full coverage of all endpoints on your network; and ensure that your vulnerability scanner is scanning every subnet.

Read More

What’s your agency’s cyber resiliency score?

/by

FedScoop | January 8, 2020

Eighteen months have passed since that day on June 27, 2017, when an IT administrator, working for the world’s largest shipping conglomerate, watched helplessly as one computer monitor screen after another in Maersk’s Copenhagen headquarters went black.

The question as we head into 2020 is, what lessons can we take away from that incident — and in particular, what should leaders operating federal agencies be doing differently today as a result?

Read More

Network Resilience vs. Cyber Resilience

/by

SIGNAL Magazine | January 6, 2020

There are certainly similarities between network resilience and cyber resilience. The foundation for both is the ability to maintain business or mission capabilities during an event, such as a backhoe cutting your fiber cables or a nation-state actively exploiting your network. But there are also significant differences.

Read More

Can the UK government’s efforts solve the cyber skills gap?

/by

Computer Weekly | December 30, 2019

The scarcity of skilled cyber security workers in Europe is getting worse, with just under two-thirds of employers saying they are now short of staff, according to the latest report from (ISC)2.

Mike Lloyd, chief technology officer at cyber risk modelling platform provider RedSeal, says that what is required is a mix of “base technical skills, which means learning how the modern digital world works, for example, how websites can be attacked”, and developing an “adversarial mindset, which takes years of experience in playing cat and mouse games”.

Read More

It’s Time to Act: Establish a Secretary of Cybersecurity (Contributed)

/by

Government Technology | December 19, 2019

All levels of government, as well as the private sector, face growing dangers from cyberthreats. That’s why there needs to be a centralized approach to cyberpolicies before a crisis occurs.

Today, the United States is in a very similar place when it comes to cybersecurity: cyberthreats challenge our economy, our military, our national security and our infrastructure, and it’s time for the federal government to act definitively.

Read More

Tips and Guidance For Educational Entities To Ensure The Safety and Security of Their IT Data

/by

Education IT Reporter | December 17, 2019

Schools are especially prone to ransomware attacks, due to the combination of weak security protocols, out of date computer equipment, and a lack of skilled staff. Digital infections can spread among school computers much the same as biological germs spread among students. Security is unfortunately quite a lot like a treadmill – it never stops. You can never arrive at a state of solid protection, because what was good enough yesterday won’t be good enough tomorrow. New vulnerabilities are continually being found. The need to invest in basic online hygiene is constant.

Read More

Securing the Supply Chain Against Cyber Disruption

/by

Loss Prevention Magazine | December 11, 2019

Just like a physical chain, a supply chain is only as strong as its weakest link. Today’s issues are about networks of interdependence. We extract major economic benefits from modern supply chains, because each organization can focus on its core mission or specialty. This narrowing of focus is very effective, allowing each organization to be the best at whatever it does—making widgets, transporting them, or adding value by assembling parts made by other specialists. But this same narrowing of focus on just one aspect of a system means the system as a whole becomes fragile.

Read More

Forget Cybersecurity

/by

Corporate Board Member| December 6, 2019

Cyber risk is a board-level issue because a breach can crush a company’s stock price, tarnish its reputation and scare off customers and partners. A study by the Ponemon Institute revealed that a company’s stock price drops an average of 5 percent immediately after a breach is exposed. The study further found that companies lose an average of $3.92 million in revenue and a significant portion of their customers after a breach.

It’s no longer a question of whether a company will experience an attack, but when. Security is about hunkering down, while resilience means being able to operate after a breach. Here’s what directors need to know.

Read More