Attackers turn the tables on incident response strategies

Kemaza Tech Researcher/ July 10, 2019/ Cyber security, Data security strategies and governance, Hackers and cybercrime prevention, Information security incident response, IT Management, Security/ 0 comments

How do you deal with attackers who use counter-incident response strategies in response to defender incident response? Attackers expect incident response strategies and have a plan for when they encounter them. Find out how to take IR to the next level against attacker incident response counterstrategies. Peter Loshin Site Editor – SearchSecurity If you’re looking at cybersecurity as a matter of

Read More

single sign-on (SSO)-definition

Kemaza Tech Researcher/ June 7, 2019/ Chief Technology Officers (CTO)s, Data Security, Data security strategies and governance, Data security strategies and governance, Kemaza technical resources for IT pros, Tech Definitions/ 0 comments

Single sign-on (SSO) is a session and user authentication service that permits a user to use one set of login credentials (such as name and password) to access multiple applications. Posted by: Margaret Rouse WhatIs.com In a basic web SSO service, an agent module on the application server retrieves the specific authentication credentials for an individual user from a dedicated SSO

Read More

IT complexity raises concerns of certificate-related outages

Kemaza Tech Researcher/ April 1, 2019/ Ask the experts, CIO Resources, Data security strategies and governance, Enterprise tips, tricks and best practice implementation, Expert Enterprise Technical Advice (EETA), IT risk management, Kemaza technical resources for IT pros, Security, Technical Questions Answered by Experts/ 0 comments

Company executives are concerned that increased IT complexity will result in more security certificate-related outages, with nearly two-thirds of organisations affected in the past year Warwick Ashford Security Editor – TechTarget – ComputerWeekly.com 26 Mar 2019 16:00 Chief information officers (CIOs) admit that critical business applications and services are routinely affected by outages related to digital certificates, a study has revealed. In fact,

Read More

WinRAR bug found and patched after 19 years !

Kemaza Tech Researcher/ March 3, 2019/ Application attacks (buffer overflows, cross-site scripting), Ask the experts, Data security strategies and governance, Expert Enterprise Technical Advice (EETA), Kemaza technical resources for IT pros, Latest Flaws uncovered by Researchers, Security, Technical Questions Answered by Experts/ 0 comments

When was the last time you had to deal with a RAR file? A WinRAR bug that affects every version of the app over the past 19 years was discovered and patched. But it’s unclear if the millions of the app’s users will get the needed fix. Michael Heller Senior Reporter – TechTarget – SearchSecurity 25 Feb 2019 Security researchers discovered a

Read More

Identity and access management is a top IoT security concern

Kemaza Tech Researcher/ February 27, 2019/ Data security strategies and governance, Expert Enterprise Technical Advice (EETA), Implemented Solution Use Cases, Industry and verticals, Partner Content, Security, Technical Questions Answered by Experts/ 0 comments

To describe securing an IoT network as “monumental” is a huge understatement. There are so many factors influencing IoT security, and as the volume of connected devices continues to increase, so does the complexity in managing and securing the network. GUEST CONTRIBUTOR Bodil Josefsson Head of IoT Security – Ericsson – IoTAgenda 21 Feb 2019 One of the biggest concerns expressed to us

Read More

How to perform an ICS risk assessment in an industrial facility

Kemaza Tech Researcher/ February 25, 2019/ Data Security, Data security strategies and governance, Expert Enterprise Technical Advice (EETA), Implemented Solution Use Cases, Kemaza technical resources for IT pros, Technical Questions Answered by Experts/ 0 comments

What else does your organization do to secure industrial facilities? An important step to secure an industrial facility is performing an ICS risk assessment. Expert Ernie Hayden outlines the process and why each step matters. Ernie Hayden Independent consultant & founder – 443 Consulting LLC – SearchSecurity Managers of major industrial facilities with large footprints — such as refineries or municipal utilities

Read More

Microsegmentation security: Your key to zero trust

Kemaza Tech Researcher/ February 25, 2019/ Data Security, Data security strategies and governance, Data security strategies and governance, Enterprise data storage strategies, Expert Enterprise Technical Advice (EETA), Kemaza technical resources for IT pros, Networks and Storage, Technical Questions Answered by Experts/ 0 comments

What benefits of a zero-trust strategy are most important to your organization and why? Zero trust is the path forward to secure corporate IT assets. Learn how to put into place a zero-trust security model with a microsegmentation strategy. Dave Shackleford Principal Consultant – Voodoo Security – SearchSecurity There are many tools and controls available that can help monitor internal workloads and

Read More

What risks does the OpenFlow protocol vulnerability present?

Kemaza Tech Researcher/ February 20, 2019/ Ask the experts, Data Security, Data security in the cloud, Data security strategies and governance, Expert Enterprise Technical Advice (EETA), Kemaza technical resources for IT pros, Security, Technical Questions Answered by Experts/ 0 comments

How does your organization use vendor-specific SDN controllers? Researchers found a vulnerability in OpenFlow that can cause problems. Learn how vendor-specific SDN controllers may cause these OpenFlow protocol vulnerabilities. Post credited to: Judith Myerson Security researchers discovered an important vulnerability in OpenFlow — the dominant protocol for software-defined networking — that can cause several problems, including denial-of-service attacks. What does the OpenFlow

Read More

Is there a viable breach notification tool?

Kemaza Tech Researcher/ February 13, 2019/ Ask the experts, Data breaches, Data Security, Data security breaches, Data security strategies and governance, Expert Enterprise Technical Advice (EETA), Hackers and cybercrime prevention, Kemaza technical resources for IT pros/ 0 comments

What kinds of new procedures have you used to notify your customers of data breaches? A breach notification tool from Firefox Monitor and Have I Been Pwned could help consumers understand more quickly if their email or other vital information has been hacked. Nick Lewis SearchSecurity Mozilla recently began testing an integration between Firefox Monitor and Have I Been Pwned

Read More

Four areas to consider when shoring up your ePHI security

Blog Editor/ February 13, 2019/ Ask the experts, Data Security, Data security strategies and governance, Electronic medical records security and data loss prevention, Expert Enterprise Technical Advice (EETA), Kemaza technical resources for IT pros/ 0 comments

What other areas should healthcare organizations consider to secure ePHI? Healthcare organizations should be sure to include updated log management configuration and a comprehensive security framework in their ePHI security plan. Posted by: Wendy Johnson Most healthcare organizations are playing catch-up when it comes to building or updating an ePHI security plan to reflect today’s cybersecurity risks, said David Chou,

Read More