Every security team craves clear visibility into the endpoints, networks, containers, applications, and other resources of the organization. Tools such as endpoint detection and response (EDR) and extended detection and response (XDR) send an increasing number of alerts to provide that visibility. Unfortunately, the high storage and processing fees for traditional security information and event […]
Many of the basic principles for securing a data lake will be familiar to anyone who has secured a cloud security storage container. Of course, since most commercial data lakes build off of existing cloud infrastructure, this should be the case. However, data lakes add additional elements such as data feeds, data analysis (data lake […]
A presidential executive order mandating a zero trust strategy for federal agencies has raised the profile of the cybersecurity technology and prompted many non-government IT security managers to consider how they might adopt the three zero trust principles: “All entities are untrusted by default; least privilege access is enforced; and comprehensive security monitoring is implemented.” […]
Many companies use Virtual Private Networks (VPNs) to connect between their remote resources and their local networks. However, many of these VPN solutions have three significant issues. First, VPNs can be difficult to set up, secure and maintain. With any misconfiguration or mistake, the entire network may be exposed to attack. Second, VPNs do not […]
Just as the development of cannons and other weapons made walls obsolete as a form of defense, sophisticated cyber attacks have made the firewall-perimeter model of cybersecurity equally obsolete. No longer is traffic inside the network automatically presumed to be from authorized and authenticated sources. And many users now work outside the safety of the […]
Intrusion detection system (IDS) and intrusion prevention system (IPS) technologies – often combined as intrusion detection and prevention (IDPS) – have been in use for decades, yet they remain important cybersecurity tools even in the face of today’s rapidly changing cyber threats and complex IT environments. An ideal security stack provides continuous protection without gaps. […]
Endpoint detection and response (EDR) solutions typically deploy in a standard configuration meant to deliver the fewest false positive alerts in a generic environment. This allows EDR to deploy very quickly, but it also allows for a number of security vulnerabilities. Here we’ll discuss why EDR vendors choose these configurations, and how organizations […]
Not everyone adopts multi-factor authentication (MFA) to secure their accounts. Many stick with simple username and password combinations despite the weaknesses of this authentication method. Yet if someone wanted to enable MFA, which option should they use? Each MFA option suffers vulnerabilities and creates user friction, so IT managers need to select the MFA option […]
A company that discovers that an advanced persistent threat (APT) attack is underway tends to be the exception. Attackers design APTs to be subtle, persistent, and to remain undetected for as long as possible. And they tend to succeed at remaining undetected. The average “dwell time” – the period between infiltration and detection – has […]
Users may believe that when they delete a file on their hard drive, the document no longer exists. However, IT professionals understand that the data itself may remain. Yet even experienced IT professionals may not understand the differences between different types of hard drive file erasure, data overwrite standards, or when those methods might fail […]