webinar | Breaking Cybersecurity News | The Hacker News

High-quality cybersecurity posture is typically regarded as the exclusive domain of the large and heavy resourced enterprises – those who can afford a multi-product security stack and a skilled security team to operate it. This implies a grave risk to all organizations who are not part of this group, since the modern threat landscape applies to all, regardless of size and vertical. What is less commonly known is that by following basic and well-defined practices and wise security product choices, any organization can level up its defenses to a much higher standard. "At the end of the day it comes down to strategic planning," says Eyal Gruner, CEO and co-founder of Cynet, "rather than thinking in term of specific product or need, zoom out and breakdown the challenge to its logical parts – what do you need to do proactively on an on-going basis, while you're under attack and when you manage a recovery process." From the various frameworks of security b

Doing business in today's connected world means dealing with a continually evolving threat landscape. With potential losses due to downtime following a breach, plus valuable client and proprietary information at risk, most organizations realize they cannot afford to be complacent. This puts extra onus on security IT teams, who are continuously left scrambling, looking for the best way to protect their organizations against the threats that bypass AV and firewall. Added to this is another challenge in that most organizations are limited in the resources they can invest in security. Many are left reliant on a single product on top of their security stack. Common practice in organizational security circles as they attempt to remain secure is to upgrade endpoint protection with EPP\EDR or a Network Analytic tool. But as we all know, what's common is not necessarily what's best. How can an organization ensure it remains secure, especially with all that is at stake?

How do you know whether an attacker has infiltrated your network? Can you really rely on an Endpoint Detection and Response (EDR) solution to be your go-to technology for identifying security breaches? Endpoint detection and response (EDR) platform has been an important technology to detect cybersecurity incidents, but it provides only the view of endpoints, just a portion of the big picture. Since hackers can explore and exploit anything within reach, not just a few monitored endpoints, many security professionals are reaching the realization that the actual attack surface of their organizations is significantly wider than only endpoints. In an ideal and more effective approach to security, a broader set of attack vectors and activity data should be examined to get a more complete view of the attack operation. On top of the endpoint, security solutions must also include cloud, threat intelligence, network data, and logging information, among others. If you haven't already,

Permissions in SaaS platforms like Salesforce, Workday, and Microsoft 365 are remarkably precise. They spell out exactly which users have access to which data sets. The terminology differs between apps, but each user's base permission is determined by their role, while additional permissions may be granted based on tasks or projects they are involved with. Layered on top of that are custom permissions required by an individual user.  For example, look at a sales rep who is involved in a tiger team investigating churn while also training two new employees. The sales rep's role would grant her one set of permissions to access prospect data, while the tiger team project would grant access to existing customer data. Meanwhile, special permissions are set up, providing the sales rep with visibility into the accounts of the two new employees. While these permissions are precise, however, they are also very complex. Application admins don't have a single screen within these applications th

If you are responsible for the cybersecurity of a medium-sized company , you may assume your organization is too small to be targeted. Well, think again. While the major headlines tend to focus on large enterprises getting breached – such as Sony, Equifax, or Target the actual reality is that small and mid-sized companies are experiencing similar threats. According to Verizon's 2018 Data Breach Investigations Report, fifty-eight percent of malware attack victims are SMBs. Added to this is the fact that attack vectors that target small and medium-sized businesses are growing increasingly sophisticated, which makes securing them respectively challenging, and the trend of targeting ransomware campaigns on smaller organizations, as attackers assume smaller outfits are more likely to quickly pay in order to avoid damage to their business and reputation. Cisco's 2018 Security Capabilities Benchmark Study states that 44 percent of cyber attacks cost organizations over $500,000 i