web app security

Improving Security in Web App Development

cybersecurity, Network Security

Traditional, downloadable, applications are becoming less common as cloud services expand. Instead, organizations and consumers are turning to programs they can use from any connected device: web applications. Web applications allow organizations to accommodate remote workers, as well as access a globalized market of connected customers. However, these applications require that services be constantly accessible and that data transfer is secure. An application breach or service inaccessibility can cause significant impacts to you and your customers. 

cybersecurity tabletop

Developing Cybersecurity Muscle Memory with Table Top Sessions

cybersecurity, Network Security

Anything that’s difficult takes time to master, or at least become competent, and it requires constant training and being pushed in situations which will sharpen your reflexes. This is the predominant reason why we perform cybersecurity tabletops in order to improve our reaction time regarding security incidents and breaches. During these situations there’s much more than the technical aspect that needs to be considered and if the entire organization isn’t moving in tandem, mistakes will be made. Organizations as a whole need to live this experience, even if it’s just a tabletop, in order to understand the ramifications of where you might have blinders on from a maturity standpoint. This consistent role playing, aimed to force all levels of participant’s out of their comfort zone, is used to create that tempered muscle memory on how to react to incidents without question.

patch

Just Patch Already… It’s Not that Easy

cybersecurity, Network Security

We’ve all heard it before, “Just patch all the things and you’ll be perfectly fine” and there’s a lot of truth to this statement; it’s also extremely shortsighted. If you’re working in a large enterprise or an organization that uses unique equipment for business functions it’s almost impossible to follow the “patch all the things” mantra. Mostly, because there aren’t available patches or the systems have become unsupported. At CCSI we work with some of the world’s largest organizations and in doing so we’ve noticed that patching isn’t always an option, even though we recommended it as a priority, to some systems on the network. Here are few areas we recommend when patching isn’t an option.

safe wifi

How to stay safe while using Airport WiFi

cybersecurity, Mobility, Network Security1 Comment

The more people you share an internet connection with, the more vulnerable you are to data theft. That is why it is always safe to browse the internet from home or at the workplace where the networks are uncongested and secure. But you cannot hide in this comfort zone forever; you will occasionally need to use public internet such as a coffee shop or airport Wi-Fi. When that happens, how do you secure your data? Please read on to discover 5 tips on how to stay safe while using airport Wi-Fi.

cloud security mistakes

Drastic Cloud Security Mistakes No One Should Make

Cloud Computing, cybersecurity, Network Security1 Comment

In our modern age, it is natural to want to modernize your business in order to keep up with the times and keep customers interested, so investing in the cloud can often seem like a natural pathway for changing businesses, but it does come with some risks. Not paying attention to the very real risks of compromising cloud security – which can seem like a faraway, non-important issue – can cost you greatly, and, at worst, could ruin your business. Customers put their trust in you to keep them and their data safe, so compromising that can be the absolute faux par, which will destroy your business’ reputation and ensure that no future success can be enjoyed. But enough with the fear-mongering: how can you stop these security slips ever happening in the first place? Knowledge is your best tool, so knowing about the dangers often prevents them from becoming issues.

OWASP

10 Tips for Defending Against the OWASP Top 10

cybersecurity, Network Security, Regulation1 Comment

Open-source software is a great way to add proven functionality to your application, but it comes with risks in the form of software vulnerabilities. If you are using open-source components (and with all likelihood you are), it is important to keep track of new vulnerabilities as they are discovered, so you can upgrade to the latest, patched-up version of the software. 

One tool you can use to keep track of open-source vulnerabilities is the list provided by the Open Web Application Security Project (OWASP), which was last updated in 2017. The OWASP Top 10 covers the most critical security risks for web applications.

The following tips should help you protect your software against the OWASP Top 10 vulnerabilities.

GDPR

Steps to make your website GDPR Compliant

cybersecurity, Network Security, Regulation

Does your business continuous traffic from European countries? If your answer is yes then you should be fully aware of Europe’s new data privacy law – GDPR. It will definitely affect you if you don’t know it.

In this article, we are going to discuss everything about what GDPR is, how it is going to affect your approaches of data collection and how to make your site GDPR compliant.