A couple of weeks ago I was asked by my colleague to give him some clues and tips on how to become a Cloud Security Architect, as that's the venture he wants to follow and he knows I've been in architect-alike roles for a while.
Knowing how much fulfi
Any piece of software we build has a possibility of being vulnerable to either a known flaw or a zero day vulnerability. Using such malicious parties will continue to gain access to the machine. Although it’s highly i
If you’re thinking that the industry you’re operating in is safe from cybersecurity threats then you might have to think again. In this article, we’ll specifically discuss the implications of breaches on healthcare businesses and why is annual penetr
A recently disclosed data leak impacts around 700,000 AmEx India customers, exposing Personally Identifiable Information (PII) like Names, Emails & Telephone numbers. This leak highlights the perils of Shadow IT, and why organizations should look in
RSA conference is one of the leading security conference worldwide. It creates tremendous opportunity for firewall vendors, users and practitioners to innovate, educate and discuss around the current security landscape.
A Next-Generation Firewall (
We were happy to participate in a community round table organized by CISO Platform
This article delves into the risk Shadow IT poses. In a recent report Gartner predicted 30% of breaches due to Shadow IT, this further brings the focus to this topic. Let’s take a look at the report and a few mitigation strategies
1.What Gartner Pre
Credential stuffing is a method that hackers use to infiltrate a company’s system by automated injection of breached username & password pairs. Attackers use credentials to bypass anti-spam and firewall devices and access users accounts. Once they w
Here is a small list of the major policies and best practices to manage Shadow IT
Policies To Have
1.Have A Shadow IT Policy
Create a policy document that takes care of the major areas of Shadow IT Management. This will make sure all company assets
Subdomain Takeover is a type of vulnerability which appears when a DNS entry (subdomain) of an organization points to an External Service (ex. Heroku, Github, Bitbucket, Desk, Squarespace, Shopify, etc) but the service is no longer utilized or has b
Gartner predicted that shadow IT is 30 to 40 percent of IT spending in large enterprises, and Everest Group predicted that it can be 50 percent or more of IT Spending. This indicates that a lot of IT spendings are being bypassed to IT department. Ho
Organizations across all Financial Services firms are dealing with the effects of shadow IT, whether they realize it or not. Shadow IT is technology that is adopted and deployed by business units without the knowledge or consent of corporate IT team
Gartner predicted 30% breaches due to Shadow IT by 2020. This is just one part of how critical this risk area is for the enterprise space. We have put together some of the top resources from Gartner on Shadow IT along with the links to the detailed
As the name suggest “Digital Footprint”, it’s the unique traces of your digital presence. As per wikipedia, “ Digital Footprint refers to one’s unique set of traceable digital activities, actions, contributions and communications that are manifested
As the name suggest “Digital Footprint”, it’s the unique traces of your digital presence. As per wikipedia, “ Digital Footprint refers to one’s unique set of traceable digital activities, actions, contributions and communications that are manifested
Many organizations have hundreds of vendors and Third-Party risk exposure is one of the biggest threats. Most organizations depend upon partners, vendors, suppliers, contractors and other third parties for day-to-day operations. Each of them present
Third-Party risks are more as the Third-Party breaches continue to dominate and these breaches are expensive to organizations. Third-parties are those companies that you directly work with such as data management companies, law firms, e-mail provide
Here we will explore the Shadow IT Risks for OT Departments. Operations Technology groups can be an integral part of important business functions like production, maintenance and more. This means there are a lot of IT related functions which can be
Digital Footprint is the information about the organization that exists on the Internet due to their online activity. Organizations’ digi
$700m to be paid by credit score agency Equifax as part of a settlement for data breach in 2017. The breach is known to expose data of at least 147 million people. It is FTC’s largest data-breach settlement, much above the uber penalty of $148m.
The Atlanta Pen Test Chapter has officially begun and is now actively underway.
Atlanta CISOs and security teams have kicked off Pen Test Chapter #1 (Virtual), an ongoing working series focused on drafting Pen Test Maturity Model v0.1, designed for an intel-led, exploit-validated, and AI-assisted security reality. The chapter was announced at …
