INFOSECURITY NEWSLETTER

July 18, 2018

[White Paper] How to Overcome Cloud Misconfigurations

In the 2018 Cloud Security Report, cloud misconfiguration was identified as the single biggest threat to cloud security. In this white paper, our experts outline best practices for overcoming cloud configuration risk factors impacting SaaS, infrastructure, and DevOps environments.

Grab Your Copy

How to Test and Measure the Effectiveness of Your Security Awareness Program

Stephanie Ewing, deltarisk.com, July 13, 2018

In my previous blog, I wrote about security awareness programs and provided some high-level recommendations for how you can improve their effectiveness. In this article, I’d like to share some thoughts on how to test and measure how well those programs are doing. How do you know if you are making an impact? What can you actually measure? In answering these questions, you need to first establish your goals and metrics and determine if there is a baseline. For instance, let’s start with a key component that should be covered in every security awareness program – anti-phishing.

Read More


Cybersecurity Rundown: The 5 Most Critical Threats to Businesses in 2018

Macy Bayern, techrepublic.com, July 17, 2018

In the midst of businesses becoming GDPR compliant, cybersecurity measures have moved from purely technical, to political, according to a Tuesday report from AlienVault. The company surveyed 900 security professionals at the Infosecurity Europe 2018 conference to gain insight into the current state of cybersecurity threats.

Read More


Ransomware Technique Uses Your Real Passwords to Trick You

John Biggs, techcrunch.com, July 12, 2018

A few folks have reported a new ransomware technique that preys upon corporate inability to keep passwords safe. The notes – which are usually aimed at instilling fear – are simple: the hacker says “I know that your password is X. Give me a bitcoin and I won’t blackmail you.”

Read More


Building the Next Generation of Cybersecurity Talent

Martin Rues, infosecurity-magazine.com, July 13, 2018

Everyone in the cybersecurity space can agree that we are in the midst of an enormous skills shortage. ISACA predicts that we will be short two million cybersecurity professionals by 2019. Nearly 72% of firms say they are finding it difficult to identify and hire high caliber cybersecurity professionals, according to a survey by Booz Allen Hamilton. With no clear options and a massive talent need, security and IT leaders need to create the desired security skill set within their existing employees.

Read More

Unsanctioned Apps Invite Fox into Cybersecurity Hen House

Tim Bandos, threatpost.com, July 13, 2018

In this InfoSec Insider, Tim Bandos looks at why network admins will want to keep a close watch on network traffic within the enterprise. Conventional wisdom has shown there’s a short line between a company’s highest point of risk – its employees and a compromise. Unsanctioned, or shadow applications, are apps that haven’t been cleared by a company’s information security team. These apps, on employee machines, have long been a popular attack vector for saboteurs and employees looking to leak data.

Read More

Follow the Leader: NYDFS Cybersecurity Regulation Leads the Way for Other States and Industries

Theodore P. Augustinos and Molly McGinnis Stine, cpomagazine.com, June 16, 2018

The New York Department of Financial Services (NYDFS) blazed a cybersecurity trail with its 2017 regulation for the protection of information collected and processed in, and systems used in the operation of, the financial services and insurance industries. The Empire State’s work has already formed the basis for the National Association of Insurance Commissioners’ model cybersecurity law, several states’ insurance laws, and similar laws for other industries in other states. With “imitation being the sincerest form of flattery,” other states and industries are expected to flatter the DFS by adopting similar requirements.

Read More

86% of Enterprises Have Adopted a Multi-Cloud Strategy

Help Net Security, helpnetsecurity.com, July 16, 2018

Based on a global survey of 727 cloud technology decision makers at businesses with more than 1,000 employees, Forrester Consulting found how shifting business priorities are driving enterprises to adopt multi-cloud strategies. According to the study, a vast majority (86 percent) of respondents describe their current cloud strategy as multi-cloud, with performance and innovation rising above cost savings as the top measures of success. In addition, 60 percent of enterprises are now moving or have already moved mission-critical applications to the public cloud.

Read More


Cybersecurity Experts Worry About Census Data

Chase Gunter, fcw.com, July 16, 2018

With approaches to election security still up in the air, a group of former cybersecurity officials are concerned about the cybersecurity of another democratic foundation: the decennial census. In a July 16 letter to acting Director of the Census Bureau Ron Jarmin and Commerce Department Secretary Wilbur Ross, the former officials stressed the importance of the security of data collected by the bureau’s first-ever electronically based survey and pushed the bureau to publicly share plans for how it plans to protect that information.

Read More

How to Teach Your Employees About Cybersecurity

Carolina, hackread.com, July 17, 2018

In the modern world, threats to security are no longer just physical. In fact, cybersecurity has now become one of the most important parts to keep a business and its employees safe. Without it, many businesses can find themselves in trouble when they least expect. Unfortunately, it can be a tricky area to understand, especially if your business is not one that specializes in this area. This can make it a difficult topic to get across to employees, where awareness is key to cybersecurity working. Luckily, there are a few ways you can teach your employees about cybersecurity, all of which are more accessible than the last.

Read More

Sign Up for Our Newsletter

financial newsletterhealthcare newsletter
Infosecurity Newsletter Archive

June 2018: 6th

May 2018: 2nd, 9th, 30th

April 2018: 4th, 11th, 18th, 25th

March 2018: 7th, 14th, 21st, 28st

February 2018: 7th, 14th, 21st, 28th

January 2018: 3rd, 10th, 17th, 24th, 31st

December 2017: 6th, 13th, 20th

November 2017: 1st, 15th, 29th

October 2017: 4th, 11th, 18th, 25th

September 2017: 6th, 13th, 20th, 27th

August 2017: 2nd, 9th, 16th, 23rd, 30th

July 2017: 5th, 12th, 19th, 26th

June 2017: 7th, 14th, 21st, 28th

May 2017: 3rd, 10th, 17th, 24th, 31st

April 2017: 5th, 12th, 19th, 26th

March 2017: 1st, 8th, 15th, 22nd, 29th

February 2017: 1st, 8th, 13th, 22nd

January 2017: 4th, 11th, 18th, 24th

December 2016: 7th, 14th, 21st, 28th


top cyber incident pain points