The Principle of Least Privilege (PoLP) is the idea that every user, program, or process has access only to the information that are necessary to complete its function. As this topic has traditionally been used for government purposes, businesses and organizations have begun to implement PoLP with their employees. PoLP is a crucial component in […]
read more »The Coronavirus pandemic has remolded us into a digitally dependent world. The directives of social distancing forced a rapid shift of activities from the physical world to the digital world. The platforms that are used to host business meetings are now the same platforms used to host virtual celebrations and gatherings. The lines between our […]
read more »No one wants to be the next SolarWinds. Of course the SolarWinds attack that was conducted was a very methodical and well planned attack but at the end of the day it comes down to implementing and governing best security practices. And, yes, most companies are not equipped or prepared for this type of attack […]
read more »Organizations currently are dealing with unprecedented times during this pandemic. COVID-19 and its high infection rates are basically single handedly changing how many organizations function. Many organizations were caught off guard by having to switch to a work-from-home model. Based on past trends, and COVID-19 coming to the forefront of organizations, it also has come […]
read more »A critical Windows Server vulnerability that affects Microsoft Windows Servers that are configured as Domain Controllers has been seen in the wild for the first time this week according to Microsoft. The vulnerability known as CVE-2020-1472 or “Zerologon” as its being called allows an attacker to gain control over an Active Directory Domain Controller within […]
read more »According to research, there has been a push to implement cybersecurity programs in businesses in all sectors. However, several companies are disregarding important aspects of cybersecurity. Having an inadequate cybersecurity program enables attackers to penetrate the company network. This article will highlight the top cybersecurity mistakes made by companies. Not Understanding Who the Program is […]
read more »Dunkin Donuts has agreed to pay $650,000 in fines as part of a settlement with the New York Attorney General over claims that the company ignored attacks on its computer systems and applications that resulted in thousands of compromised accounts. The NY Attorney General said that Dunkin Donuts failed to adopt security safeguards against future […]
read more »Storing data in the cloud allows for easy management and accessibility over the internet. According to the Goldman Sachs analysts, as of 2020, around 23% of all IT workloads are processed in the cloud. As with any storing solution, cloud storage poses risks for security, including a loss of sensitive data, violation of other controls, […]
read more »As the global workforce shifts to remote work, business operations and management face a number of obstacles. As mentioned in the previous article, the line between our work lives and our personal lives are blended now more than ever. Pre- pandemic predicted cybercrime will cost companies $6 trillion globally. According to research, last year, governments […]
read more »Both SOC 2 and NIST 800-53 play a large role in regulatory compliance. Both aim to protect data in the cloud and are critical in today’s environments to ensure information security. The SOC 2 Framework and NIST 800-53 Publication go hand- in- hand, and adhering to both sets of controls will provide your company with […]
read more »