Security News

Threat Stack announced new capabilities that help security teams quickly detect and remediate threats in cloud infrastructure. Threat Stack now enriches Linux host and container events in real time with EC2 metadata like VPC, security group, and DNS names.

The dynamic nature of cybersecurity, the changes in the threat landscape, and the expansion of the attack surface lead organizations to add more security solutions-from different vendors-creating a layered security infrastructure that introduces new challenges to any team, with a much more significant impact on small ones. Sophisticated attacks continue to bypass these advanced security layers while FOMO compels security teams to evaluate every new solution that comes out.

Organizations with a remote workforce that rely on Microsoft Teams for a centralized workplace for collaboration, can add best-in-class Encryption and Rights Management to ensure automatic protection of sensitive data shared and accessed from Microsoft Teams. Seclore for Microsoft 365 offering allows organizations to automatically add persistent, granular usage controls to sensitive documents worked on in Microsoft Teams channels.

Cybersecurity company Cynet just released findings from a survey of 200 CISOs in charge of small security teams to shine "a spotlight into the challenges of small security teams everywhere." In addition to better understanding the challenges these CISOs face, the 2021 Survey of CISOs with Small Security Teams delves into the strategies CISOs will employ to ensure their organizations are protected from the ongoing onslaught of cyber threats - all while saddled with limited budgets and headcount.

Pwn2Own Vancouver typically takes place during the CanSecWest conference in Vancouver, Canada, but due to the coronavirus pandemic, this year's event will be hybrid - participants can submit their exploits remotely and ZDI staff in Toronto and Austin will run the exploits. The car is being offered to those who participate in the automotive category.

"Despite the challenges of accelerated digital transformation timelines, this year has provided many lessons for IT and business leaders. One of the most important being the optimization of the best management and security practices for our cloud-native future of working-from-anywhere." 83% of IT leaders with in-house security teams are now considering outsourcing their security efforts to an MSP in 2021.

Companies with small security teams, generally SMEs, are facing a number of unique challenges, placing these organizations at greater risk than their larger enterprise counterparts, according to Cynet. In this survey of 200 CISOs at SMEs with five or fewer security staff members and cybersecurity budgets of $1 million or less, it was found that a majority of these organizations were overwhelmed by the endless volley of cyber attacks.

Most companies with small security teams face the same issues. Many of these companies turn to virtual CISOs to provide security expertise and guidance.

Be we have to balance this and also not turn remote work into a world where everyone must be available 24/7. People still need to be able to shut off work as well. What we lost in the ability to meet directly with people can be a benefit in a remote world where managers and leaders - who are often the stakeholders the intelligence team needs to talk to - are able to be more efficient.

For a CISO that faces the cyber threat landscape with a small security team, the challenge is compounded. Compared to CISOs at large enterprises, CISOs small to medium-sized enterprises have smaller teams with less expertise, smaller budgets for technology and outside services, and are more involved in day-to-day protection activities.