All Blog Posts (1,173)

Risks of Shadow IT in Financial Services Firms

Organizations across all Financial Services firms are dealing with the effects of shadow IT, whether they realize it or not. Shadow IT is technology that is adopted and deployed by business units without the knowledge or consent of corporate IT teams.

The motivations behind the adoption of shadow IT are typically well-intentioned. For financial services firms, the risks of shadow IT are amplified due to the value of the data their organizations possess, and the strict…

Added by pritha on December 18, 2019 at 12:00pm — No Comments

As the name suggests “Digital Footprint”, it’s the unique traces of your digital presence. As per Wikipedia, “Digital Footprint refers to one’s unique set of traceable digital activities, actions, co…

As the name suggests “Digital Footprint”, it’s the unique traces of your digital presence. As per Wikipedia, “Digital Footprint refers to one’s unique set of traceable digital activities, actions, contributions and communications that are manifested on the Internet or on digital devices.” Here in this blog we will emphasise how to manage enterprise digital footprint.

An Enterprise Digital Footprint is an inventory of all the digital assets over internet…

Added by pritha on December 18, 2019 at 11:04am — No Comments

4 Ways To Manage Enterprise Digital Footprint

As the name suggests “Digital Footprint”, it’s the unique traces of your digital presence. As per Wikipedia, “Digital Footprint refers to one’s unique set of traceable digital activities, actions, contributions and communications that are manifested on the Internet or on digital devices.” Here in this blog we will emphasise how to manage enterprise digital footprint.

An Enterprise Digital Footprint is an inventory of all the digital assets over internet…

Added by pritha on December 18, 2019 at 11:00am — No Comments

How Missing Continuous Monitoring Makes Third-Party Risk Management Programs Ineffective

Many organizations have hundreds of vendors and the Third-Party risk exposure is one of the biggest threats. Most of the organizations depend upon partners, vendors, suppliers, contractors and other third-parties for day-to-day operations. Each of them presents some potential risk to the organization.

Third-Party Risk Management programs help in assessing the cybersecurity of vendors/3rd parties that handle an organization’s sensitive data or…

Added by pritha on December 18, 2019 at 10:30am — No Comments

Third-Parties: Risks & Threats Associated With Them

Third-Party risks are more as the Third-Party breaches continue to dominate and these breaches are expensive to organizations. Third-parties are those companies that you directly work with such as data management companies, law firms, e-mail providers, web hosting companies, subsidiaries, vendors, sub-contractors. Third-Parties are basically any organization whose employees or systems have access to your systems/data. However,…

Added by pritha on December 18, 2019 at 10:00am — No Comments

Understanding Shadow IT Risk for OT Departments

Here we will explore the Shadow IT Risks for OT Departments. Operations Technology groups can be an integral part of important business functions like production, maintenance and more. This means there are a lot of IT related functions which can be handled by the OT department members in terms of functionality. However, not involving the IT department could mean these IT functions could cause potential security concerns. The OT department member might not be aware of the exact…

Added by pritha on December 18, 2019 at 9:30am — No Comments

Top 4 Risks That Can Be Mitigated Through Digital Footprint Monitoring

Digital Footprint is the information about the organization that exists on the Internet as a result of their online activity. Organizations’…

Added by pritha on December 17, 2019 at 5:30pm — No Comments

Equifax To Pay $700m As Data Breach Settlement

Added by pritha on December 17, 2019 at 5:00pm — No Comments

Shadow IT Threats – How To Turn Them Into Opportunity?

Shadow IT threats involve pushing back on any initiatives that try to bypass IT and fighting the line of business managers for ownership of these projects. Shadow IT opportunity involves transforming shadow IT into official line-of-business shortcuts and becoming the corporate champion of innovative initiatives. Below are a few ways one could look at Shadow IT as an opportunity.

CISO’s Choice:

There was a time when…

Added by pritha on December 17, 2019 at 5:00pm — No Comments

Domain Hijacking & 3 Easy Countermeasures

Domain hijacking is the act of changing the domain name registration without the original Registrant’s permission, or by abuse of privileges on domain hosting and registrar software systems. It is a form of theft that takes place online, where the thief/attacker takes access of a domain without the consent of the domain registrant. It is up to you and your domain/ hosting company to prevent your domain falling prey to these kinds of attacks because they happen due to security…

Added by pritha on December 17, 2019 at 4:53pm — No Comments

Top 8 Ways To Handle Leaked Credentials Incidents

The Deep Web contains nearly 550 billion individual documents. Search engines can only access 16% of the available information; this gives you an idea of the huge size of the dark web. There are about 5+ Billion Leaked Credentials and Credit Card Breaches information available on the dark web. In this blog, we will talk about Top 8 ways to handle leaked credentials incidents.…

Added by pritha on December 17, 2019 at 4:30pm — No Comments

How to create an SPF TXT record?

Step 1: Collect all IP addresses that are used to send email

The Sender Policy Framework (SPF) gives the ability to authenticate your email and to specify which IP addresses are allowed to send email on behalf of the specific domain.

In order to successfully implement SPF you first need to identify which mail servers are used to send email for your domain. These mail servers can be any sending organization; you should think of your Email Service Provider,…

Added by Priyank Sheth on December 17, 2019 at 4:00pm — No Comments

(Webinar) Terry Cutler On Cyber Security For Students

We are super excited to have Terry Cutler (voted #1 Top Influencer in CyberSecurity by IFSEC Global 2018) do a web conference as part of our Kids Cyber Safety Initiative. As a part of his talk he will talk about internet safety for students, social media safety & more.

We would also request you to encourage your children, peers, colleagues…

Added by pritha on December 17, 2019 at 3:45pm — No Comments

A Dive into CEH

How do you prepare for CEH?

The first question that you should ask yourself is why CEH over other certs?

Apart from CEH being a highly recognized cert, CEH gets you strong with your basics in the security domain; this branches out into different paths such as:

  • Penetration testing (VAPT)
  • Management level roles
  • Audit level roles / Forensics

On…

Added by Prasanna V Balaji on December 13, 2019 at 4:21pm — No Comments

Arch – Black ! (0x0)

Although there are a lot of pentesting operating systems available, BlackArch seems to be a really good Arch-based distribution and it contains a ton of tools that one could make use of. I decided to review and make a guide based on BlackArch Linux.

Now before getting started I would like to say that the popular distributions such as Kali Linux, Parrot Security OS, Black box are still an…

Added by Prasanna V Balaji on December 13, 2019 at 4:00pm — No Comments

What to Look for in a Bug Tracking Tool

Issue tracking can often be a tedious and annoying task. With several bugs happening at the same time, it becomes important to use bug tracking tools for your teams. This has become even more important in today’s era when there is fierce competition for high-quality products. While developers are well-equipped to deal with bugs, there is no easy way to keep track of them. This is where bug tracking tools come in. The primary purpose of these tools is to manage…

Added by Ray Parker on December 10, 2019 at 4:19pm — No Comments

(Community Round Table) Shadow IT Risks And Controls : Managing The Unknown Unknowns In Deep & Dark Web

Progress Till Date:

  • 300+ check-lists, frameworks & playbooks
  • Platform for comparing security products
  • Task force initiatives to solve specific industry problems
  • Kid’s cyber safety initiatives…

Added by pritha on December 9, 2019 at 2:52pm — No Comments

Dear Security Community, are we doing it right?

Compliance Vs Security:

Compliance does not always mean you are secure, totally agree. But that does not mean Compliance, Standards and Processes are useless; it is not as glamorous, but it works silently in the background. Compliance covers all the areas equally while performing risk assessments and improves overall security baseline. E.g. periodic checks for access control and least privileges go a long way not only in…

Added by Santosh C on December 9, 2019 at 11:29am — 1 Comment

Key Program Metrics of Network Advanced Threat Protection

Advanced Threat Protection (ATP) is used to protect against sophisticated, highly skilled, well funded and motivated threat actors. The solution uncovers advanced threats across Endpoints, Network, Email and Cloud. These solutions are used to detect advanced persistent threats that existing controls are not able to detect or are simply not capable of doing it.

Advanced threat protection is not about a single security solution; it is about a combination of security…

Added by Denise on November 29, 2019 at 4:30pm — No Comments

Key Program Metrics Of Next Generation Firewall (NGFW)

A Next-Generation Firewall (NGFW) is an integrated network platform that combines a traditional firewall with application specific granular controls to help them detect application specific attacks. They help detect attacks through application specific protocols such as HTTP, HTTPS, SMTP and so on. It also incorporates various network device filtering functionalities such as an intrusion prevention system (IPS), Web filtering and Email security. They also feature functionalities such…

Added by Denise on November 29, 2019 at 4:30pm — No Comments
