1. Increased adoption of risk-based and biometric authentication tools Anthem and Equifax breaches have raised some very serious questions on password-only authentication options. Service providers as well as consumers are now looking for alternatives that will reduce the risk of data breach. As risk-based authentication tools assess the background behavior and other data of [...]
The number of reported major IT/hacking events attributed to ransomware by health care institutions increased by 89 percent from 2016 to 2017, according to cyber defense firm Cryptonite’s 2017 Healthcare Cyber Research Report, which used data reported to the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR). The research [...]
What is wrong with CyberSecurity? According to an article in The Hill the new DHS breach illustrates perfectly what is wrong with today's cyber security practices. They say that "organizations should focus less on how a breach occurred (hacking, insider, fraud, etc.) and focus more on building up and preserving customer trust in their [...]
Firewalls come in many forms and often do not offer enough protection. In this blog post I describe a little project I've done to see how we can use a hardware firewall with Suricata based intrusion prevention in a somewhat portable way. Paranoid or necessary? I'd say necessary, considering the myriad of attacks that [...]
Walk virtually through your information flows. ObjectSecurity OpenPMF now supports virtual reality and 3D (beta version). OpenPMF 3D automatically creates a graph (nodes + edges) visualization of the imported information about your systems and applications alongside the "drag and drop" visualization that has been supported for several years. ObjectSecurity's SCRAMS product (robust prototype) also supports [...]
Many Cybersecurity experts have said for years that we need to do better whitelisting, and that relying on blacklisting and anomaly detection is not good enough anymore. Unfortunately, organizations often cannot technically implement the comprehensive security policies they want to (or should want to). This is because there are too many overlapping technical configs [...]
Today’s information age would have felt like out of a sci-fi movie to someone 20 years ago. More data has been created in the past two years than in the entire previous history of the human race. 1.7MB of data is created for every human per second. Within 4 years, we will have generated [...]
The number one IT expense in 2017 is predicted to be cybersecurity. Gartner expects the market to reach one trillion dollars by 2020, and according to the Harvard Business Review cybersecurity will be the fourth most important item that will be discussed in the boardroom in 2017 — right after corporate strategy, political changes and shareholder [...]
ObjectSecurity is proud to release OpenPMF 4.0, a major new product version in mid-February 2017. ObjectSecurity invites you to the OpenPMF 4.0 launch events during RSA Expo week (Feb 13 & 14, 2017) and to our virtual online launch event. ObjectSecurity invites you to the OpenPMF 4.0 launch events, which will be held at Elan Event Venue [...]
Most organizations are overwhelmed, understaffed, and/or underfunded when it comes to cybersecurity. These constraints create a critical need to prioritize on the most critical cybersecurity measures. However, often these priorities are unclear or hard to determine, leading to less-than-optimal cybersecurity product purchases and/or activities. This is because the metrics about which overarching cybersecurity priorities matter [...]