Blog

Blog

Common Misconceptions About SOC Reporting

Service organization reports (SOC) are vital to businesses. These internal reports let organizations know about the risks associated with outsourced services. They help to establish regulatory compliance and are an extremely important part of any cybersecurity audit. Organizations use SOC reporting to reveal vulnerabilities in their current

Are Retail IT Professionals Really As Prepared As They Think for Security Breaches?

Protecting company records as well as private and confidential customer information is a top priority for many businesses. After all, just one security breach can devastate large companies and possibly destroy smaller businesses. Comprehensive IT security is especially important for those organizations in the retail industry.According to a recent

6 Key Tips for Penetration Testing in 2016

The need for penetration testing has become a fact of life in 2016. As businesses grow more reliant on online activities — and often require 100 percent effective network uptime — penetration testing remains the best way to ensure your systems are safe and secure.

However, penetration testing is definitely not a “set it and forget it” 

4 Essentials Every Company Needs for an Incident Response Plan

Behind nearly every cybersecurity breach in recent years is a business or organization that was left to grapple with the fallout. Indeed, organizations that suffer a major security incident can end up spending tens, or even hundreds of  millions of dollars  on remediation costs, fines, damages and other related expenses. However, even major breaches

What Do The Worst Passwords of 2015 Say About Us?

In the 2015 edition of its annual worst passwords list, password management company SplashData revealed the 25 most common (and most easily compromised) passwords for the year. Based on an analysis of more than 2 million passwords revealed through searches of publicly available plain text data dumps, the report found that the Internet public is

3 Tips to Encourage Collaboration In Your Organization's Security Processes

While information security has assumed top priority in many organizations, the steps that enterprises take to strengthen their overall cybersecurity often focus solely on improving the technology and processes involved in those efforts. Unfortunately, such a heavy focus on the technical mechanics of cybersecurity neglects the human side of the

5 Common Programming Languages That Cause the Most Software Vulnerabilities

Over the last couple of years, many cybersecurity problems have come to light. There has been a wave of WordPress and Drupal vulnerability warnings and patches, and SQL injection bugs are being found left and right in Web applications. Many of the bugs can be traced back to PHP, but other common programming languages can also cause

WordPress and Health Applications Are Now the Most Popular Web Attack Targets

Research shows that WordPress and health applications are the most popular targets for online attacks. If you’re currently using WordPress for your website or offering a healthcare app, here are some key facts and figures you should know.

 

Content Management Systems Are Most Vulnerable

A new report by Imperva revealed that content management

4 Common Mistakes in Firewall Configuration

A firewall is a great way to protect your organization, but it only works well if it is configured properly. Here are four common mistakes in firewall configuration, along with some tips for avoiding them.

 

1. Non-Standard Authentication Methods

Using non-standard authentication methods can put you at risk of a cybersecurity breach. When you

Your 4-Step Guide to Security Budget Planning for 2016: Part 2

Once again, it’s time to plan your security budget for the next year. In our last post, we discussed planning and implementing as the first two steps of planning your 2016 security budget. Now, let’s look at the final two steps: execution and analysis.

 

Execution

Successful execution of a security plan involves detecting new risks and monitoring