Enterprise Security

12.12.16

Thank You, Dr. Amoroso, for Making 3 Smart Cybersecurity Recommendations to the President-Elect

by

In what is likely the first open letter to President-Elect Donald J. Trump from a member of the U.S. cybersecurity community, an industry leader has made three smart recommendations regarding the nation’s security defenses—including choosing one standard security compliance framework (NIST), reducing dependence on enterprise perimeters, and expanding the educational Cyber Corps program. HyTrust applauds […]

Read More

06.19.15

Put Your SIEM on Steroids with Granular Monitoring

by

SIEM (Security Information and Event Management) refers to software products and services that combine security information management and security event management. A SIEM collects log files and allows for real-time analysis of data that helps security analysts take defensive measures. However, the SIEM can only roll up the data it receives from various applications and […]

Read More

06.10.15

Venom – Cloud Security Shattering or Shrug-Worthy?

by

The recently-uncovered Venom security vulnerability can be a nightmare for virtual administrators and cloud service providers. This zero-day flaw is a threat to the multi-tenant nature of the cloud. As the vulnerability resides in one of the most critical components in widely used virtualization software, it allows an outsider to gain access over potentially every […]

Read More

06.01.15

Keep Up with the Changing Threat Landscape by Understanding the True Nature of Security

by

“Security is a journey, not a destination.” Symantec CISO Patricia Titus includes that statement in her email signature as a reminder that we should not lose focus on the big picture when it comes to information security. Too often, companies spend so much time chasing the latest threat instead of stepping back to reconsider how […]

Read More

05.26.15

Breaking the Cloud Kill Chain: Why Perimeter Security Is No Longer Enough

by

Bad actors love admin accounts, especially in the cloud. With the broad permissions afforded these users, they become ideal attack targets allowing attackers to propagate malware, bypass controls and cover their tracks after they’ve wrecked their havoc. Having a measured, structured approach to defending such attacks helps companies to address them in the early stages. […]

Read More

05.11.15

Businesses Need CISOs to Bring Both Security and Leadership

by

Feeling misunderstood and underappreciated is par for the course for information security workers. They only get attention when something goes wrong. And in the boardroom, the problem is exacerbated by a perception of CISOs as glorified admins. For businesses to succeed in implementing strong security, driven by the top-down approach risk managers recommend, they need […]

Read More

05.04.15

Addressing IT’s Biggest Security Concerns

by

Security has become the biggest worry the IT world faces. With a growing number of high-profile breaches and no end in sight, we thought it wise to examine the security issues that concern IT professionals most, ensuring our products are still addressing the security and compliance needs of businesses using virtual systems.

Read More

04.29.15

It Can Happen to Anyone: Social Engineering Awareness Must Be a Security Cornerstone

by

Social engineering penetration tests show the many ways in which hackers can easily trick users and administrators into security lapses. It’s vital to your security program that every user and administrator understands these methods, how they can avoid becoming victims, and what to do if they suspect they have been targeted by a spear phishing […]

Read More

04.06.15

Do Your IT Security Standards Put the “No” in Innovation?

by

It’s an unfortunate fact that the people you put in charge of innovation often see those in security as members of the cult of “no.” The security team may stick to rigid policies or keep closed minds when it comes to new ways to enforce security policies that will make it easier for the creative […]

Read More