You are viewing 'security program'

Late Night Security Program Weaknesses

#WarstoryWednesday

Tim Roberts

April 05, 2017 - Posted by Tim Roberts to Security Insight

Security Guard Asleep Assessment Background

Businesses that are adjacent to hotels are the best…for security consultants. When you have a high-gain wireless antenna, a rogue access point plugged into a network or able to compromise a vulnerable wireless access point, you pretty much don’t have to leave the comfort of your hotel room or parked vehicle for the assessment. I have been on a handful of these fortunate layouts and it certainly helps when staying under the radar. One of my first red team assessments had a hotel right next to the business we were assessing. The only thing separating the extended stay hotel and business was waist-high foliage, with little to no lighting or camera coverage. With this assessment, after hours testing was in scope, thus making the assessment that much easier.

On-site Social Engineering... read more >

Aligning Cybersecurity with Business Models

Matt Ireland

March 16, 2017 - Posted by Matt Ireland to Security Insight

IT Security Team

Does your organization face challenges with effectively aligning cybersecurity teams and business executives? In many organizations, it seems that business executives and cybersecurity teams don't always understand each other's roles. Executive leadership may not realize the cyber risks to their organization, such as APT threats, insider threats, espionage, phishing. Also, cybersecurity teams may not know what business systems are MOST important to protect before and during an incident. 

So how can you successfully align cybersecurity with the C-Suite, and keep the collaborative alignment effective? Before we answer that question, let's first talk about the challenges that have historically kept security and business executives out of alignment.

Strategic vision directly influences and impacts the success of implementation of cybersecurity controls. Cybersecurity MUST be positioned as a business enabler. And businesses... read more >

NTT Security 2017 Security Trends and Predictions

Jon-Louis Heimerl

December 29, 2016 - Posted by Jon-Louis Heimerl to Security Insight

2017 Predictions

As 2016 comes to a close, instead of discussing the past breaches and security issues of 2016, it’s time to start thinking about what challenges we will face in 2017. Monitoring major security trends and predictions can help your security program stay ahead of any potential threats, and anticipate where the cyber industry is going.

We asked several of our top leadership at NTT Security about 2017, and what security trends or predictions they may have. Below we list several trends to watch out for in the next several months:

Jon Heimerl, Manager, Threat Intelligence Communication Team, NTT Security

  • Resurgence in Hacktivism  
    As 2016 closes, political unrest has increased in several parts of the world for a variety of reasons. For example, the U.S. presidential election highlighted partisan disagreements, the European Union is struggling with...
read more >

How Do You Strengthen Your Cybersecurity Posture?

Here’s the obvious answer…

Aaron Perkins

December 15, 2016 - Posted by Aaron Perkins to Security Insight

Protection

If you’ve ever wondered whether your company should spend its hard-earned money on strengthening its cybersecurity posture, the answer is a resounding YES! But why? That’s what we are going to discuss today.

Cybersecurity companies have been saying it for years: “The question is not if, but when your company will be attacked.” At an increasing rate, these attacks come in the form of phishing emails, where an unsuspecting (often untrained) employee opens what appears to be a legitimate email and subsequently clicks on a malicious link. With two clicks, your company and its associated data are now open to the world. An attacker has free rein of your entire network, thanks to the unsuspecting employee who clicked on the malicious link.

Perhaps all too often the obvious answer is to fire the employee – or is it so simple?

Truth be told, had that employee received acceptable training from the time their... read more >

Are You Prepared?

#WarStoryWednesday: Most incident response plans don’t survive first contact

David Biser

December 14, 2016 - Posted by David Biser to Security Insight

This is not technically a war story, however, it is an experience that I would like to share. I recently attended an event featuring a speaker from a large company that had experienced one of the most high profile and extensive breaches in recent history. For the sake of the company I will not name them in this blog, but I do want to stress that the company is very large and the breach was extensive, affecting millions of customers and their entire network. What was interesting is that the speaker was from the company’s legal department, and as such, is not a “technical” person. This provided a brand new perspective to incident response.

In my line of work as an incident response analyst, working in a Managed Security Services Provider company, I routinely help companies that suffer from security incidents. I have first-hand knowledge as to how devastating such an event can be to a company. This speaker stressed that their company lost well over a billion... read more >

1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | Older Entries >>

Voted one of the Best Computer Security Blogs 2016
NTT Security (US), Inc. (formerly Solutionary) is a security consulting and managed security services provider. The NTT Security blog is a place for IT professionals to both learn and talk about the latest in IT security and compliance.

Get the NTT Security Blog delivered to your inbox!

Enter your Email:

(We will not share your email or use it for anything else.)

LATEST TWEETS