Did you know that one of the top nine attack types consistently covered in Verizon’s Data Breach Report are insider threats and privileged misuse? According to this year’s report, 66% of insiders steal information in hopes of selling it for cash, 17% are just unsanctioned snooping and 15% are taking it in order to take the information to a new employer. What is the root cause of all of these...

Big or small, every organization has accounts that hold ‘keys to the kingdom’ credentials. Almost every account holds some level of privilege that can potentially be compromised, resulting in not only financial, but reputational damage. Looking at top patterns in the 2016 Verizon Data Breach Investigations Report, insider and privileged misuse lands the second most common cause of breaches, 16% of...

Are you guilty of any of these mistakes in your pen-tests? Maybe you've never done these before and now you'll forever remember these as things to avoid when running any future penetration tests. 1. Improperly disposed network gear It’s surprising how often there are still configurations on network gear after disposal. This is putting your company at risk beyond their lifespan. 2. Devices with...

Are you ready to start leveraging micro-certifications in your organization?

What could your savings be?

Get a Jump on Aligning Your Security Policies

Are you ready to improve security, efficiency, and compliance in your organization?

Late last year the New York State of Financial Services (DFS) announced that New York would be proposing a "first in the nation" rule on cyber-security to go into effect on March 1, 2017 which would impact any bank, insurance company and anyone else covered by DFS. The rule requires any regulated company design a cybersecurity program that assesses its risks to ensure the safety and soundness of...

We are so excited about our latest release of Core Impact. Version 20.1 was fueled largely by the valuable and genuine feedback our customers have shared with us. This release was jam packed with new features, including several new additions that offer added convenience and increased usability. To recap, we thought it would be helpful to highlight the top 5: 1. Flexible Licensing Core Impact now...

Authored by: Julio Sanchez In today’s world, with the perpetual threat of breaches always looming, what’s the best way to ensure your organization stays safe? Oftentimes, the best security measure against cyber-attacks is to think like an attacker. When viewing things in this light, it’s immediately clear what makes for a prized gem within your infrastructure: Active Directory. Though such an...

As both cybersecurity breaches and compliance mandates increase, third-party pen testing services are no longer seen as optional. These teams specialize in ethical hacking that gives organizations insight into possible security weaknesses and attack vectors in their IT environment. Being in such high demand, more and more testing services are emerging, presenting businesses with a new challenge of...

The identity security landscape has transformed considerably within the last two decades. And for good reason. Mitigating identity-related access risks has become essential as companies face threats every day, from virtually everywhere. The focus on managing the access of people, digital identities, and privileged accounts has increased significantly to address these risks, and has put Identity...

Guest Post- Alex Naveira, Director, ITGA & CISO on Compliance To continue this month's conversation on compliance, we have another special guest joining us on the blog today. Alex Naveira is the Director, ITGA & CISO at Miami Children's Hospital and oversees multiple locations. We asked Alex what compliance meant to him and he had a list of different kinds of compliance and said "which one?"...

The impact of COVID-19 has been far-reaching across nearly every sector. But none has been so greatly disrupted as the healthcare industry. Managing through this crisis has required healthcare systems to expand some aspects of their workforce and redeploy others virtually overnight in order to transform the way they offer services to patients. Redeploying resources, leveraging a mobile workforce,...

With cybersecurity attacks perpetually on the rise, security teams are under more pressure than ever. While pen testing can help these teams by finding vulnerabilities before adversaries can, even pen testing comes with its challenges. A skills shortage, new and expanding regulations requiring testing, and other critical daily security duties increasingly leave cybersecurity professionals...