Security News
In the TechRepublic article Amazon, Disney, and Uber reveal remote interviewing and hiring processes, N.F. Mendoza looks at key human resource trends and predictions regarding remote hiring. Aside from figuring how to handle all the subtleties of remote hiring, there are plenty of cybersecurity challenges that also need to be addressed.
It's important to understand these threats and how secure configuration of videoconferencing systems can improve the overall security of an organization and individual everyday users. Making sure your videoconferencing technology is set up securely can help prevent these attacks from being successful.
Telemed is a two-way street; patients at home are using home networks and personal devices to access their care - which can be much more susceptible to attackers than doctors' office infrastructure. When it comes to the risks that cybersecurity professionals are concerned about, more than half of respondents said that the biggest security challenges stem from the risk of data breaches as more patient information moves to the cloud.
A recent attack on Tyler Technologies, a software provider for local governments across the US, highlighted the concerns held across the nation and left many to wonder if the software providers in charge of presidential election data might suffer a similar fate. The best defense also integrates cybersecurity and data protection, as removing segmentation streamlines the process of detecting and responding to attacks, while simultaneously recovering systems and data.
Since well before the pandemic, software developers have leveraged open source code as a means to speed development cycles. Applications today are usually designed using hundreds of unique open source components, which then reside in their software and workspaces for years.
In an effort to make IT pros' jobs easier, Jack Wallen offers cybersecurity tips to end users-in particular, what not to do to keep company networks, equipment, and data secure. Part of the reason for this is because you're always fighting an uphill battle named end users.
The process of vulnerability disclosure has improved over the years, but still too many security researchers face threats when trying to report bugs. Disclosure policies that give ethical hackers clear guidelines are vast and varied and are seldom universally followed, which adds to the friction between researchers and vendors.
As cyberattacks escalate, Infoblox and Forrester Consulting investigated how security and risk teams are using their DNS investments. 94% of S&R leaders either use or consider DNS as a starting point for threat investigations but only 43% of security and risk leaders rely on DNS as a data source to complete their investigations.
Data breach incidents involving Elasticsearch have been commonly rooted in this lack of attention, as well as a poor overall understanding of Elasticsearch security requirements. This can add up to a perfect storm from a security perspective: Elasticsearch is tremendously easy to deploy, but just as simple to forget about when it comes to hardening security that properly restricts access and protects data.
Abstract: Best practices for Internet of Things security have recently attracted considerable attention worldwide from industry and governments, while academic research has highlighted the failure of many IoT product manufacturers to follow accepted practices. We explore not the failure to follow best practices, but rather a surprising lack of understanding, and void in the literature, on what "Best practice" means, independent of meaningfully identifying specific individual practices.