Hacking isn’t just about computers. It’s a skill. It requires keen observation, resourcefulness, and creativity. And as a teen, I see hacking all the time on social media. They’re called teen influencers. And it’s got both the good and the bad of hacking. You see, I’m a busy person: family obligations, work, work friends, school,…
BYOD is defined by Google as the practice of allowing employees of an organization to use their own personal devices for work purposes. This includes mobile phones, laptops, and tablets. Given the sharp increase in the number of companies taking advantage of all that BYOD offers, several similar acronyms have developed, such as BYOT (Bring…
We recently held our second annual CISO roundtable that brought in the attendance of fifteen CISO’s for a candid conversation regarding their concerns, challenges and advice on protecting their organization. Last year’s roundtable showed that Long Island has a security community that’s hungry to learn and grow from each other. This was also evident from the attendance at the first BSides Long Island, which was held in January. It was no surprise that our second roundtable was just as lively and informative as these two events. Throughout the agenda for the night the topics covered ranged from continued challenges, improvement, and future considerations. We’ll briefly touch on a few throughout this blog so the extended community can learn from their wisdom and insights.
Last month Bob Violino wrote a great article about “The dirty dozen: 12 top cloud security threats.” At CCSI we are seeing many of our customers with aggressive “move to the cloud” or “cloud first” initiatives. As they move forward, we always advise them that they keep a close eye on their security posture and attack surface.
The cybersecurity and tech job markets are booming and it’s a great time to be a job seeker or employee in this field. Just because there’s job security doesn’t mean that you should let off the gas pedal. As an employee or prospective employee in the tech field, you should always be looking for ways…
Often, when speaking to many organizations, I often hear confusion about Pen Testing, ie: what it is, how it differs from vulnerability assessments and what are the best use cases. I’ve decided to write this blog in the hopes of helping my customers better understand these differences and use cases of each.
The cyber threat environment is dynamic and constantly evolving. There are new vulnerabilities discovered on a daily basis. Attacks are getting more sophisticated – they’re getting more complex and flying under the radar of traditional detection technologies.
The ripping benefits of cloud computing have been widely touted – business agility, scalability, efficiencies and cost savings among the top. Fortunately, more and more companies are seen migrating and building mission-critical Java applications specifically for cloud environments showing no signs of slowing down. At the same time, such technology has exposed us to threats and risks previously unheard of.
Cloud security is the protection of data, applications, and infrastructures involved in cloud computing. Just like on-prem IT security, cloud security still has concerns like unauthorized data leaks, weak access controls, susceptibility to attacks, and threats to availability.
The two-year transitional period implemented by the New York State Department of Financial Services (NYS DFS) regarding their Cybersecurity framework, 23 NYCRR 500, finished this past March 1, 2019. This doesn’t mean the work ends here, but essentially it’s just getting started. The state of New York allowed institutions, or covered entities, a 24 month break in period before having to adhere to all phases per year. The training wheels are off and all phases will have to be obtained yearly moving forward.
