(IN)SECURE Magazine Notifications RSS

According to Risk Based Security’s Q3 2019 Data Breach QuickView Report, the total number of breaches was up 33.3% compared to Q3 2018, with 5,183 breaches reported in the first nine months of 2019. Number of breaches by attack vector, reported by 9/30/19 Breach activity in 2019 Breach activity in 2019 is living up to being “the worst year on record”. Although the total number of breaches is on track to break previous year records, … More →

The post 5,183 breaches from the first nine months of 2019 exposed 7.9 billion records appeared first on Help Net Security.

Enterprises are slow to abandon manual processes, despite being short staffed, as the lack of automation, coupled with increasing network complexity risk and lack of visibility contribute to costly misconfigurations and increased risk, a FireMon report reveals. The report features feedback from nearly 600 respondents, including 20% from the executive ranks, detailing ongoing firewall operations in the spectrum of digital transformation initiatives. “In an age of increasing data breaches caused by human error, it is … More →

The post Network complexity and lack of visibility contribute to misconfigurations and increased risk appeared first on Help Net Security.

Fraud rates have been skyrocketing, with 90 voice channel attacks occurring every minute in the U.S., Pindrop reveals. Key findings Voice fraud continues to serve as a major threat, with rates climbing more than 350 percent from 2014 to 2018 The 2018 fraud rate is 1 in 685, remaining at the top of a five-year peak Insurance voice fraud has increased by 248 percent as fraudsters chase policies that exceed $500,000 In 2018, 446 million … More →

The post Fraud rates increasing as criminals become more sophisticated appeared first on Help Net Security.

Free internet access must be considered as a human right, as people unable to get online – particularly in developing countries – lack meaningful ways to influence the global players shaping their everyday lives, according to a new study. Internet access is no luxury As political engagement increasingly takes place online, basic freedoms that many take for granted including free expression, freedom of information and freedom of assembly are undermined if some citizens have access … More →

The post Should free internet access be considered as a human right? appeared first on Help Net Security.

The Comprehensive Security Guide provides security executives with a single document that gathers standardized and easy to use templates of all main compliance frameworks: PCI-DSS, HIPAA, NIST Cyber Security Framework and GDPR. Prior to having an external auditor excavating through the organizations’ security stack internals, it makes sense for the security stakeholders to independently conduct a rough gap analysis of their environment and the regulation they seek to comply with. Instead of crafting a compliance … More →

The post Download: Internal compliance assessment templates appeared first on Help Net Security.

Sysdig, the secure DevOps leader, announced Sysdig Secure 3.0. This is the industry’s first tool to provide enterprises with threat prevention at runtime using Kubernetes-native Pod Security Policies (PSP). PSPs are controls in Kubernetes that define the security conditions pods must follow in order to run. Sysdig Secure 3.0 also includes the first incident response and audit tool for Kubernetes, giving enterprises the ability to reconstruct historical system activity. Enabling these capabilities are three new … More →

The post Sysdig Secure 3.0 provides enterprises with threat prevention at runtime appeared first on Help Net Security.

Bitglass, the Next-Gen Cloud Security company, announced its revolutionary SmartEdge architecture, delivering a complete Secure Access Service Edge (SASE) solution that simultaneously circumvents the management overhead and performance bottlenecks of competing solutions. With SmartEdge, endpoints carry their own on-device Secure Web Gateway (SWG), locally terminating Secure Sockets Layer (SSL) and inspecting all network activity for blocking threats and data leakage. This architecture eliminates the extra network hop inherent in legacy SWG architectures, ensuring high performance … More →

The post Bitglass SmartEdge architecture ensures high performance and no latency appeared first on Help Net Security.

The Crypsis Group, a leading incident response, risk management and digital forensics firm, announced a new suite of managed security services to help organizations simplify their security operations, make better use of financial and staffing resources, optimize cloud security functions and wade through security solution complexity. Managed security services enable organizations to improve their overall security posture while decreasing their security management burden. The new offering is supported by a partnership with Delta Risk, which … More →

The post The Crypsis Group’s managed security offerings protect orgs against cybersecurity threats appeared first on Help Net Security.

Tealium, the trusted leader in real-time customer data orchestration, announces the launch of Tealium Private Cloud, the first private cloud solution for customer data infrastructure and customer data platform technology. With Tealium Private Cloud, organisations can begin to use trusted and comprehensive customer data while continuing to comply with data privacy and regulatory rules like HIPAA. Tealium Private Cloud can be deployed as a single-tenant or multi-tenant cloud while maintaining increased security and controls around … More →

The post Tealium Private Cloud provides increased security and data privacy appeared first on Help Net Security.

HITRUST, a leading data protection standards development and certification organization, announced a major release of its HITRUST Third-Party Risk Management (“TPRM”) Methodology that introduces numerous new components including an Inherent Risk Questionnaire, Rapid Assessment, and Trust Score. Also announced today are enhancements to the HITRUST Assessment XChange (the “Xchange”) Manager platform to fully integrate the TPRM Methodology. This enables the XChange Manager platform to automate the TPRM process from the vendor qualification through the organization’s … More →

The post HITRUST adds new components to its Third-Party Risk Management Methodology appeared first on Help Net Security.

ZeroNorth, the industry’s first provider of risk-based vulnerability orchestration across applications and infrastructure, announced new platform capabilities that enable customers to more effectively build security into the software development life cycle (SDLC) and evaluate, prioritize and respond to risk based on business context. These enhancements are driven by new integrations with software pipeline and enterprise security platforms, and advanced filtering and analytics capabilities. The ZeroNorth platform enables organizations to embrace critical digital transformation initiatives, such … More →

The post ZeroNorth’s platform enhancements drive security into DevOps appeared first on Help Net Security.

Intel welcomed the next wave of artificial intelligence (AI) with updates on new products designed to accelerate AI system development and deployment from cloud to edge. Intel demonstrated its Intel Nervana Neural Network Processors (NNP) for training (NNP-T1000) and inference (NNP-I1000) — Intel’s first purpose-built ASICs for complex deep learning with incredible scale and efficiency for cloud and data center customers. Intel also revealed its next-generation Intel® Movidius Myriad Vision Processing Unit (VPU) for edge … More →

The post Intel’s product updates drive AI system development and deployment from cloud to edge appeared first on Help Net Security.

Ping Identity, a pioneer in Intelligent Identity, announced that the Ping Intelligent Identity platform provides the identity verification solution for the State of Colorado’s official mobile application, myColorado, which contains the new Colorado Digital ID. The Digital ID enables Coloradans to display a digital version of their driver license on their smartphones for proof of identification, age and address within Colorado. This could eventually remove the need to carry a physical identification card while drastically … More →

The post Ping Identity provides the identity verification solution for myColorado appeared first on Help Net Security.

Sontiq, an enterprise high-tech security and identity protection company, announced an updated user interface for its IdentityForce Mobile App, which also includes comprehensive mobile device scanning and related alerts to help ensure the safety and security of individuals and families. By applying a key component of its Mobile Defense Suite to the IdentityForce Mobile App, consumers now can take advantage of a new feature, Mobile Attack Control, which monitors and alerts IdentityForce Mobile App users … More →

The post Sontiq updates the user interface for its IdentityForce Mobile App appeared first on Help Net Security.

MITRE has launched a tech foundation to advance its mission of solving problems for a safer world by working with the private sector to strengthen critical infrastructure. The foundation provides MITRE a new pathway to work with industry, academia, and other organizations beyond its work with the federal government. MITRE Engenuity is a distinct, not-profit company with a separate board of directors and private funding. “MITRE has a history of transforming cybersecurity standards, improving aviation … More →

The post MITRE Engenuity to strengthen critical infrastructure appeared first on Help Net Security.

Zyxel Communications, a leading provider of secure broadband networking, Internet access and connected home products, announced it has teamed up with F-Secure to integrate the company’s award-winning cyber security software into Zyxel’s residential gateways and devices. The integration of F-Secure’s software with Zyxel’s world-class hardware enables service providers to deliver secure high-speed broadband and WiFi connectivity to their subscribers while protecting them from a growing array of cyber attacks targeting their connected home devices. Zyxel … More →

The post F-Secure integrates its cyber security software into Zyxel’s residential gateways and devices appeared first on Help Net Security.

Devo Technology, the data analytics company that unlocks the full value of machine data for the world’s most instrumented enterprises, announced a product integration with Demisto, a Palo Alto Networks company and leader in security orchestration, automation, and response (SOAR). The integration delivers increased visibility and shortened investigation and incident response times. By providing a better workflow, Devo and Demisto empower analysts and improve the effectiveness of the Security Operations Center (SOC). Together, Devo and … More →

The post Devo and Demisto deliver increased visibility and shortened investigation and incident response times appeared first on Help Net Security.

The Chertoff Group and Dragos announced the formation of a unique alliance that will provide a holistic approach to cybersecurity risk management for industrial organizations seeking to protect critical infrastructure environments from today’s constantly evolving cyber threats. The Chertoff Group is combining its policy intelligence, technology expertise and vast experience communicating threats to executives with Dragos’ industrial control system (ICS) expertise and best-in-class asset identification, threat detection and response platform. This alliance between two of … More →

The post The Chertoff Group and Dragos providing risk management for industrial organizations appeared first on Help Net Security.

Indegy, a leading provider of security solutions for industrial control system (ICS) and operational technology (OT) environments, and Owl Cyber Defense Solutions, the global market leader in data diode network cybersecurity solutions, announced a partnership to provide the safe unification of OT security data with IT monitoring systems. The tested and certified joint Indegy-Owl solution gives customers the confidence of knowing that their OT network is physically inaccessible from the external network while being monitored … More →

The post Indegy and Owl Cyber Defense address secure sharing of OT data with IT security systems appeared first on Help Net Security.

In the absence of a federal digital privacy law, Microsoft has decided to comply with the requirements of California’s Consumer Privacy Act (CCPA) throughout the U.S. The CCPA in short The CCPA goes into effect on January 1, 2020, and says that California residents (consumers) have the right to know what personal data is being collected about them and access it, to know whether their data is sold or disclosed (and to whom), to demand … More →

The post Microsoft to honor California’s digital privacy law all through the U.S. appeared first on Help Net Security.