In a recent cyber-attack, a metallurgy company became infected with ransomware. The firm shut down for a week to deal with the infection; the final costs for the system backup and production downtime came to over 50 million euros ($54 million). This follows a Kaspersky report, “The State of Industrial Cybersecurity” that shows 70% of […]
Read More… from How to Use SAST and DAST to Meet ISA/IEC 62443 Compliance
This article was originally published on TechAeris on May 08, 2020. What do you do if a small infected minority is threatening to infect the rest? By now, there probably isn’t a human being on the planet that doesn’t know the answer to this question: you place the infected in quarantine, separating them from the healthy. Collectively, […]
Read More… from Better Enterprise Security Through Forced Quarantine
It’s easy to forget how dramatically the delivery of tech tools has changed over the decades. These days, few of us depend on a long list of desktop apps to do our work. Instead, we spend our working day logged into several web apps – simultaneously. Likewise, we can miss just how complex and interconnected […]
Read More… from Why Ignoring Web Application Security Can Be Costly
Web applications are exposed. Unlike internal network applications, everyone can get to a web application; all they need is an internet connection. That includes hackers too. In fact, an automated tool may be attacking the web applications you depend on as you read this article. But developers often overlook web application security. Teams frequently spend […]
Read More… from Top 10 Tips to Improve Web Application Security
Last updated on April 24, 2020. Web security, your site and your network Web sites are unfortunately prone to security risks. And so are any networks in which web servers are connected. Setting aside risks created by employee use or misuse of network resources, your web server and the site it hosts present your most […]
Read More… from Everything You Need to Know About Web Security
REST APIs have allowed us to create modern web and mobile applications; By using the power of an API, we can open up the world of services – pulling in data and sharing information and oiling the wheels of the internet. But building an API-enabled service also means that you potentially open up your web or […]
Read More… from Defuzzing API Testing: The Search for Vulnerabilities
This article was originally published on HelpNetSecurity on April 16, 2020. Finding security holes in information systems is as old as the first commercially available computer. Back when a “computer” was something that sat in a computer room, users would try to bypass restrictions, sometimes simply by trying to guess the administrator’s password. Later when Bulletin Board Systems […]
This article was originally published on Enterprise Management 360 on March 31, 2020. Penetration testing is the Marmite of cybersecurity: you either love it or you hate it. Taking a neutral stance on the matter, it’s easy to see both sides. On one hand, pen testing provides indisputable evidence of vulnerabilities for organisations to action. Pen testers […]
Across the world, companies like Google, Microsoft, Amazon, Twitter, and yes, Beyond Security, have asked their employees to work from home in response to the Coronavirus (Covid-19) pandemic. As employees move from on-premises offices to their homes, businesses will be faced with the challenge of managing and securing both company-owned and employee-owned devices as they access company resources […]
Read More… from How to Manage Your Employees’ Devices When Remote Work Has Become the New Norm
On one level, cybersecurity is all about electronics – securing machines, networks and so forth. But, even the most technologically advanced cyber attacks are driven by human motivation. Humans motivate cyberattacks, and humans also, often unknowingly, facilitate cyberattacks. People are essential to mounting a defence as well – as much as automated tools are a powerful barrier. […]
Read More… from The 5 Human Elements Of Cybersecurity Every CSO Should Review