The Last Watchdog

GUEST ESSAY: Threat hunters adapt personas, leverage AI to gather intel in the Dark Web

The Last Watchdog

The Deep & Dark Web is a mystery to most in the mainstream today: many have heard about it, but few understand just a fraction of what’s going on there. Related: ‘IABs’ spread ransomware. Planning your roadmap, executing your projects, and keeping an eye on the barrage of ransomware headlines, it’s understandable if you and your team are feeling some anxiety. Cyber anxiety can indeed be paralyzing, but new software solutions have the potential to become game-changers for IT departments.

GUEST ESSAY: The Top 5 online privacy and data security threats faced by the elderly

The Last Watchdog

What is it about the elderly that makes them such attractive targets for cybercriminals? A variety of factors play a role. Related: The coming of bio-digital twins. Unlike many younger users online, they may have accumulated savings over their lives — and those nest eggs are a major target for hackers. Now add psychological variables to the mix of assets worth stealing. Perhaps elderly folks who haven’t spent a lot of time online are easier to deceive.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

MY TAKE: Businesses gravitate to ‘passwordless’ authentication — widespread consumer use up next

The Last Watchdog

Google, Microsoft and Apple are bitter arch-rivals who don’t often see eye-to-eye. Related: Microsoft advocates regulation of facial recognition tools. Yet, the tech titans recently agreed to adopt a common set of standards supporting passwordless access to websites and apps.

GUEST ESSAY: A Memorial Day call to upskill more veterans for in-demand cybersecurity roles

The Last Watchdog

It’s no secret that cybersecurity roles are in high demand. Today there are more than 500,000 open cybersecurity roles in the U.S., leaving organizations vulnerable to cyber threats. Related: Deploying employees as threat sensors. Meanwhile, 200,000 well-trained and technically skilled military service members are discharged each year. These individuals have many transferable skills that would make cybersecurity a prosperous civilian career.

Cyber Security, Change Management and Enterprise Risk Management: Scaling Operations for Growth

Speaker: William Hord, Vice President of Risk Management and Compliance

Join us as we discuss the various tangents of data and the change management process that will help you make better risk-based business decisions to save time and money for your organization.

SHARED INTEL: VCs pumped $21.8 billion into cybersecurity in 2021 — why there’s more to come

The Last Watchdog

At the start of this year, analysts identified a number of trends driving the growth of cybersecurity. Among them: an expanding digital footprint, growing attack surfaces, and increasing government regulation. Related: Taking API proliferation seriously. Last year saw an unprecedented $21.8 billion in venture capital poured into cybersecurity companies globally. Investors more than doubled down in 2021, increasing investment by about 145 percent.

RSAC insights: Malware is now spreading via weaponized files circulating in data lakes, file shares

The Last Watchdog

The zero trust approach to enterprise security is well on its way to mainstream adoption. This is a very good thing. Related: Covid 19 ruses used in email attacks. At RSA Conference 2022 , which takes place next week in San Francisco, advanced technologies to help companies implement zero trust principals will be in the spotlight. Lots of innovation has come down the pike with respect to imbuing zero trust into two pillars of security operations: connectivity and authentication.

GUEST ESSAY: New SEC rules aim to help C-levels, board members quantify cyber risks

The Last Watchdog

The U.S. Securities and Exchange Commission (SEC) is taking steps to crack down on insufficient cyber risk reporting. Related : Making third-party risk audits actionable. Seeking to minimize cybersecurity threat effects, the SEC has proposed several amendments requiring organizations to report on cyber risk in a “fast, comparable, and decision-useful manner.”. Worryingly, threats are beginning to outpace organizations’ ability to effectively prevent and respond to them.

Risk 127

GUEST ESSAY: Why organizations need to prepare for cyber attacks fueled by quantum computers

The Last Watchdog

In today’s times, we are more aware of cyberattacks as these have become front-page news. We most recently witnessed this as Russia invaded Ukraine. Cyberattacks were used as the first salvo before any bullet or missile was fired. Related: The role of post-quantum encryption.

RSAC insights: How ‘TPRM’ can help shrink security skills gap — while protecting supply chains

The Last Watchdog

Third-Party Risk Management ( TPRM ) has been around since the mid-1990s – and has become something of an auditing nightmare. Related: A call to share risk assessments. Big banks and insurance companies instilled the practice of requesting their third-party vendors to fill out increasingly bloated questionnaires, called bespoke assessments, which they then used as their sole basis for assessing third-party risk. TPRM will be in the spotlight at the RSA Conference 2022 next week in San Francisco.

Risk 177

How Preparation and Strategy Can Be Used to Fight and Defeat Any Ransomware Attack

Speaker: Karl Camilleri, Cloud Services Product Manager at phoenixNAP

Through a detailed analysis of major attacks and their consequences, Karl Camilleri, Cloud Services Product Manager at phoenixNAP, will discuss the state of ransomware and future predictions, as well as provide best practices for attack prevention and recovery.

RSAC insights: ‘CAASM’ tools and practices get into the nitty gritty of closing network security gaps

The Last Watchdog

Reducing the attack surface of a company’s network should, by now, be a top priority for all organizations. Related: Why security teams ought to embrace complexity. As RSA Conference 2022 gets underway today in San Francisco, advanced systems to help companies comprehensively inventory their cyber assets for enhanced visibility to improve asset and cloud configurations and close security gaps will be in the spotlight. As always, the devil is in the details.

Cloud 169

GUEST ESSAY: Rising global tensions put us a few lines of code away from a significant cyber event

The Last Watchdog

Reflecting on the threats and targets that we are most concerned with given the Russia-Ukraine war, cybersecurity is now the front line of our country’s wellbeing. Cyber threats endanger businesses and individuals — they can affect supply chains, cause power grid failures, and much more. Related: Reaction to Biden’s cybersecurity order.

RSAC insights: Software tampering escalates as bad actors take advantage of ‘dependency confusion’

The Last Watchdog

It’s not difficult to visualize how companies interconnecting to cloud resources at a breakneck pace contribute to the outward expansion of their networks’ attack surface. Related: Why ‘SBOM’ is gaining traction. If that wasn’t bad enough, the attack surface companies must defend is expanding inwardly, as well – as software tampering at a deep level escalates.

RSAC insights: Security platforms arise to help companies discover, assess and mitigate cyber risks

The Last Watchdog

Pity the poor CISO at any enterprise you care to name. Related: The rise of ‘XDR’. As their organizations migrate deeper into an intensively interconnected digital ecosystem, CISOs must deal with cyber attacks raining down on all fronts. Many are working with siloed security products from another era that serve as mere speed bumps. Meanwhile, security teams are stretched thin and on a fast track to burn out. Help is on the way.

Risk 164

The 5 Stages of Account-Based Marketing — and How to Win Them All

Successfully complete the five stages of ABM: define, identify, engage, convert, and connect. We’ll show you how to create a unified system with your sales team to help them land more qualified opportunities and connect with prospects like never before.

Fireside chat: New ‘SASE’ weapon chokes off ransomware before attack spreads laterally

The Last Watchdog

It’s stunning that the ransomware plague persists. Related: ‘SASE’ blends connectivity and security. Verizon’s Data Breach Incident Report shows a 13 percent spike in 2021, a jump greater than the past years combined; Sophos’ State of Ransomware survey shows victims routinely paying $1 million ransoms. In response, Cato Networks today introduced network-based ransomware protection for the Cato SASE Cloud.

Cloud 130

Q&A: The lesser role VPNs now play for enterprises, SMBs — in a post-pandemic world

The Last Watchdog

During the first two decades of this century, virtual private networks —VPNs—served as a cornerstone of network security. Related: Deploying human sensors. VPNs encrypt data streams and protect endpoints from unauthorized access, essentially by requiring all network communications to flow over a secured pipe. This worked extremely well for users accessing network resources remotely via their company-issued laptops and immobile home computers.

Cloud 122

GUEST ESSAY: Five steps to improving identity management — and reinforcing network security

The Last Watchdog

The identity management market has grown to $13 billion and counting. While intuition would tell you enterprises have identity under control, that is far from reality. Related: Taking a zero-trust approach to access management. Current events, such as the global pandemic and ‘ The Great Resignation, ’ which have accelerated cloud adoption, remote working environments, and the number of business applications and systems in use has complicated matters.

GUEST ESSAY: A primer on content management systems (CMS) — and how to secure them

The Last Watchdog

You very likely will interact with a content management system (CMS) multiple times today. Related: How ‘business logic’ hackers steal from companies. For instance, the The Last Watchdog article you are reading uses a CMS to store posts, display them in an attractive manner, and provide search capabilities. Wikipedia uses a CMS for textual entries, blog posts, images, photographs, videos, charts, graphics, and “ talk pages ” that help its many contributors collaborate.

CMS 177

The Ultimate Guide to Executive Recruiting

Sourcing the right executive candidates and filling key managerial roles in an organization can be difficult, even in the best of times. Download this eBook to level up your discovery process, talent sourcing, and strategies for reaching your best-fit candidates.

GUEST ESSAY: The many ways your supply chain is exposing your company to a cyber attack

The Last Watchdog

It’s a scenario executives know too well. Related: Third-party audits can hold valuable intel. You and your cybersecurity team do everything correctly to safeguard your infrastructure, yet the frightening alert still arrives that you’ve suffered a data breach. It’s a maddening situation that occurs far more often than it should.

RSAC insights: Concentric AI directs Google’s search techniques towards locking down data sprawl

The Last Watchdog

In order to extract value from the Internet, data sprawl first must get reined in. This has always been the case. Related: Equipping SOCs for the long haul. What good is connecting applications, servers and networks across the public cloud if you’re unable to securely operationalize the datasets that these interconnected systems store and access? Solving data sprawl has now become a focal point of cybersecurity. It’s about time.

GUEST ESSAY: Here’s why managed security services — MSS and MSSP — are catching on

The Last Watchdog

The unification revolution of cybersecurity solutions has started – and managed security service providers are leading the way. Managed security services (MSS) refer to a service model that enable the monitoring and managing of security technologies, systems, or even software-as-a-service (SaaS) products. Here’s more on the various types and benefits of MSS, as well as the state of the MSS(P) market in 2022! Related: Reviving ‘observability’ to secure complex networks.

GUEST ESSAY: A primer on Biden’s moves to protect U.S. water facilities from cyber attacks

The Last Watchdog

Potable water and wastewater management is a top priority for cybersecurity professionals and the Biden administration alike. With new regulations and funding, companies must find the best way to implement and manage cybersecurity to protect these systems. Related: Keeping critical systems patched.

12 Plays to Kickstart Your Recruitment Process

To stay ahead in this race, every recruiter needs a good playbook. In this eBook, we lay out 12 recruiting plays that can automate key steps in your recruitment process, helping you reduce both the cost and the time it takes to hire the best candidates.

GUEST ESSAY – The role of automation in keeping software from malicious, unintended usage

The Last Watchdog

Writing a code can be compared to writing a letter. Related: Political apps promote division. When we write a letter, we write it in the language we speak — and the one that the recipient understands. When writing a code, the developer does it in a language that the computer understands, that is, a programing language. With this language, the developer describes a program scenario that determines what the program is required to do, and under what circumstances.

RSAC insights: ‘SaaS security posture management’ — SSPM — has emerged as a networking must-have

The Last Watchdog

Companies have come to depend on Software as a Service – SaaS — like never before. Related: Managed security services catch on. From Office 365 to Zoom to Salesforce.com, cloud-hosted software applications have come to make up the nerve center of daily business activity. Companies now reach for SaaS apps for clerical chores, conferencing, customer relationship management, human resources, salesforce automation, supply chain management, web content creation and much more, even security.

Cloud 139

MY TAKE: What if Big Data and AI could be intensively focused on health and wellbeing?

The Last Watchdog

Might it be possible to direct cool digital services at holistically improving the wellbeing of each citizen of planet Earth? Related: Pursuing a biological digital twin. A movement aspiring to do just that is underway — and it’s not being led by a covey of tech-savvy Tibetan monks. This push is coming from the corporate sector.

GUEST ESSAY: Best practices checklists each individual computer user still needs to follow

The Last Watchdog

In the days of non-stop attacks on personal and work devices, the common day consumer wouldn’t know where to begin in order to protect their devices. Related: Apple’s privacy stance questioned. The rise of attacks is unavoidable and with the everyday announcement of a new strain of malware, ransomware and now data wipers, consumers find themselves asking: where do I start? How do I do this?

12 Tips for Selling to the C-Suite

The question for sales pros is this: Are you ready for the challenge, and opportunity, of selling to the C-suite? The following 12 tips can help ensure that you and your team are.

BEST PRACTICES: Blunting ‘BEC’ capers that continue to target, devastate SMBs and enterprises

The Last Watchdog

It’s no secret that cyberattacks can happen to any business, and we should all be suspicious of messages from unfamiliar senders appearing in our email inboxes. Related: Deploying human sensors. But surely, we can feel confident in email communications and requests from our organization’s executives and fellow coworkers, right? The short answer: Not always. The reason is the rise in business email compromise (BEC) schemes.

NEW TECH SNAPHOT: Can ‘CAASM’ help slow, perhaps reverse, attack surface expansion?

The Last Watchdog

Defending companies as they transition to cloud-first infrastructures has become a very big problem – but it’s certainly not an unsolvable one. Coming Wed., May 18: How security teams can help drive business growth — by embracing complexity. . The good news is that a long-overdue transition to a new attack surface and security paradigm is well underway, one built on a fresh set of cloud-native security frameworks and buttressed by software-defined security technologies.

Cloud 150

RSAC insights: Why vulnerability management absolutely must shift to a risk-assessment approach

The Last Watchdog

Vulnerability management, or VM, has long been an essential, if decidedly mundane, component of network security. Related: Log4J’s long-run risks. That’s changing — dramatically. Advanced VM tools and practices are rapidly emerging to help companies mitigate a sprawling array of security flaws spinning out of digital transformation. I visited with Scott Kuffer, co-founder and chief operating officer of Sarasota, FL-based Nucleus Security , which is in the thick of this development.

Risk 137

GUEST ESSAY: Leveraging ‘zero trust’ and ‘remote access’ strategies to mitigate ransomware risks

The Last Watchdog

Ransomware? I think you may have heard of it, isn’t the news full of it? Well, the stats are even scarier with over 50% increase in ransomware attacks in 2021, compared to 2020. Related: Make it costly for cybercriminals. The media paid close attention to ransomware attacks last year, as they had a significant impact on Colonial Pipeline, the nation’s largest fuel distributor, and JBS, the nation’s largest meat distributor.

Access 155

The Power of Conversation Intelligence

This eBook will answer all your questions and more on Conversation Intelligence (CI) by providing a complete overview and its need in Revenue organizations - delivering impact from your Sales Development Representatives all the way to the C-Suite.

GUEST ESSAY: Securely managing access controls is vital to preserving the privacy of healthcare data

The Last Watchdog

There’s no doubt, the increasing use of telemedicine, the explosion of health-based cloud apps, and innovative medical IoT devices are improving the patient care experience. Related: Hackers relentlessly target healthcare providers.

Access 219

GUEST ESSAY – A primer on ‘WAAP’ – an approach to securing APIs at the web app layer

The Last Watchdog

One could make the argument that Application Programming Interfaces — APIs – are a vital cornerstone of digital transformation. Related: How a dynamic WAF can help protect SMBs. APIs interconnect the underlying components of modern digital services in a very flexible, open way. This has resulted in astounding innovations in cloud services, mobile computing, IoT systems and agile software development.

IoT 183

GUEST ESSAY: Deploying ‘XDR’ can help companies avoid the security ‘vendor-silo’ trap

The Last Watchdog

According to recent data from Oracle and KPMG, organizations today employ over 100 cybersecurity products to secure their environments. These products play essential roles in detecting and preventing threats. Related: Taking a ‘risk-base’ approach to security compliance. However, because they generate thousands of alerts every day , this vast sprawl of security sources adds even more work to already over-stretched security teams. It could create a cybersecurity ticking time bomb.

MY TAKE: ‘Digital trust’ has a huge role to play mitigating cybersecurity threats, going forward

The Last Watchdog

Modern digital systems simply could not exist without trusted operations, processes and connections. They require integrity, authentication, trusted identity and encryption. Related: Leveraging PKI to advance electronic signatures. It used to be that trusting the connection between a workstation and a mainframe computer was the main concern. Then the Internet took off and trusting the connection between a user’s device and a web server became of paramount importance.

Understanding Cadence Workflow for Developers and Architects

Explore the basics of Cadence and understand the benefits it can provide to your organization. This whitepaper will dive into a brief history of Cadence, how workflows can be put into practice, and how you can apply Cadence to your data infrastructure.