Threat actors are focusing a lot on Active Directory today as it is a path for them to reach an organisations key data & applications. The versatility of Active Directory makes it a crucial target for hackers. Organisations learn new ways on how to protect this valuable target and mitigate the risks. Organisations...
Modern software applications contain many complexities that challenge testing requirements and security teams. A variety of elements including custom/proprietary code, open source components, and application configuration pose challenges for independent verification and validation (IV&V) and audit and testing teams.
...
It's not news that the digital economy is changing all the rules for IT, which has to deliver the infrastructure and apps that business stakeholders demand. And they have to do it fast without compromising security. That's why it so important to have a modern data center.
Learn what defines a modern data center and...
Despite significant investments in common DLP and analytics technologies, breaches and theft of sensitive data continue to rise. This is because the data itself is only monitored, not protected. But what are the gaps in your current technology investments and how can they be filled?
To ensure data security and...
CynergisTek's 2018 report aggregated ratings from security assessments performed at hundreds of healthcare organizations in 2017 to reveal an average 45% conformance with NIST Cybersecurity Framework (NIST CSF). The report found that of the NIST CSF five Core Elements, organizations had the lowest ratings in detecting...
With advances in big data, artificial intelligence, machine learning and more, healthcare is primed to innovate. But do HIPAA, GDPR and other regulatory standards inhibit the ability to innovate? This whitepaper discusses healthcare's complex convergence of innovation and compliance.
While this is a very...
The Future Is Here; Go With It
Industry analysts see a major shift to software-defined storage (SDS), with SDS overtaking conventional storage by 2020. Container-based or container-native storage (CNS) is a big part of that move. Government agencies and organizations are better off accepting and adopting the...
CynergisTek's 2018 report aggregated ratings from security assessments performed at hundreds of healthcare organizations in 2017 to reveal an average 45% conformance with NIST Cybersecurity Framework (NIST CSF). The report found that of the NIST CSF five Core Elements, organizations had the lowest ratings in detecting...
With the advent of technology in personal healthcare - internet connected glucose monitors, intravenous blood pressure monitoring, personal best friend emotional bots - a lot of highly sensitive data that's rampantly traversing the airwaves. The impact of this data getting in the wrong hands is just starting to be...
As of Q1 2018, the global cybersecurity community finds themselves inundated with both internal and external advanced threat actors who are stealthier, more resilient and sadly, more effective than they have ever been before. Many organizations are coming to terms with deciding whether their security posture is...
With advances in big data, artificial intelligence, machine learning and more, healthcare is primed to innovate. But do HIPAA, GDPR and other regulatory standards inhibit the ability to innovate? Scott Whyte of ClearDATA discusses healthcare's complex convergence of innovation and compliance.
The struggle is real as DoD moves from DIACAP to RMF. System owners are challenged to adopt technology that can address the more dynamic controls required by RMF.
Learn how to get help from defense agencies to monitor and assess their systems for RMF compliance by automating the gathering, analysis and reporting of...
In 2014, the Department of Defense (DoD) issued instructions that replaced DoD Information Assurance Certification and Accreditation Process (DIACAP) with the Risk Management Framework (RMF). The RMF is designed to be managed as a continual process as the risk posture evolves over time for each information...
The fact that Federal agencies are prime targets for the most sophisticated cyber threats is undeniable. If cyberattacks are inevitable, then robust capabilities for security investigation, threat hunting, and rapid response are essential. Government cybersecurity professionals require visibility across their silos of...
As of January 1, 2018, all SWIFT customers must self-attest to their compliance with the new SWIFT Customer Security Program (CSP). The program is designed to respond to the wave of cybercrime targeting SWIFT installations that began with the Bank of Bangladesh breach back in February 2016 and has swept across the...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing ffiec.bankinfosecurity.com, you agree to our use of cookies.