Clik here to view.
Independence Day
In cybersecurity as in national security, remembrance and eternal vigilance are essential to maintaining our freedom.Our nation has seen many changes since its founding 240 years ago, and it still is...
View ArticleClik here to view.
Four Reasons the EU General Data Protection Regulation is Important to Security
Brexit has catapulted the European Union (EU) into the news recently. However, from a security perspective, I think the EU General Data Protection Regulation (GDPR) is more important in terms of...
View ArticleClik here to view.
Influence of the NIST Cybersecurity Framework on Hong Kong
Security is a common language across the globe; every person, organization, and country is concerned about security. From personal data privacy, business impact of cyber threats, to protection of core...
View ArticleClik here to view.
Good Security Metrics Build Relationships and Trust
Using Security Metrics to Drive ActionTenable recently sponsored the publication of an ebook, Using Security Metrics to Drive Action. This ebook is a compilation of thoughtful essays from 33 CISOs and...
View ArticleClik here to view.
Cyber Hygiene in Higher Education: Cybersecurity Projects during Summer Break
School is out for summer. This is a good time for schools to focus on cybersecurity projects for the coming year. Threat hunting, vulnerability management and the core value of continuous visibility...
View ArticleClik here to view.
Security Metrics are About Illustrating Criticality vs Risk
Using Security Metrics to Drive ActionTenable recently sponsored the publication of an ebook, Using Security Metrics to Drive Action. This ebook is a compilation of thoughtful essays from 33 CISOs and...
View ArticleClik here to view.
Threat Hunting with YARA and Nessus
In Nessus 6.7, file system scanning functionality was introduced that could look for specific file hashes of files on disk. This was in addition to the running process detection which has been...
View ArticleClik here to view.
Transforming Security: The Thousand Mile Journey Begins with a Single Step
Information security professionals are all on the same journey, to protect customer and employee data, safeguard our company’s intellectual property and trade secrets, and strengthen our company’s...
View ArticleClik here to view.
Mr. Robot Season 2 Unmasked
In the season 2 premiere of Mr. Robot, our protagonist, Elliot, struggles with an internal battle involving the memory of his father and the ramifications of the last hack in season 1. In this episode...
View ArticleClik here to view.
Post-Hunt Survival Skills: Scope and Triage
Inevitably when you threat hunt - you will find something. What happens next? A barrage of questions ensues:Is it an incident, administrative activity, an external attacker in your environment?How did...
View ArticleClik here to view.
Metric-Based Security
Gavin Millard, Tenable’s Technical Director for EMEA, is a popular speaker and expert on information security. His presentations on security metrics always draw a crowd and impart insights and...
View ArticleClik here to view.
Continuous Visibility of Vulnerabilities is More Critical than Ever for CISOs...
Traditionally, vulnerability scanning—credentialed and/or non-credentialed—has been predominantly a security compliance exercise driven by regulations (e.g. HIPAA, FFIEC) or industry standards (e.g....
View ArticleClik here to view.
Regional Cloud Adoption
As Tenable’s EMEA Technical Director, Gavin Millard has his finger on the pulse of information security internationally. He stays in touch with customers and practitioners via presentations and visits...
View ArticleClik here to view.
Mr. Robot Asks: Are You Hacker Proof?
In Mr. Robot Season 2 Episode 4, as Darlene and Elliot watch a horror movie, Darlene suggests calling a dinner delivery service called Postmates - a service she hacked using code injection. As they...
View ArticleClik here to view.
Network Monitoring: A Vital Component of Your Security Program
Despite the many advances in information security, organizations are still experiencing breaches. Whether the root of an attack is human error or system weakness, network monitoring can help detect...
View ArticleClik here to view.
Black Hat 2016: Resilience and Community
The Black Hat conference is one of the most fun and dynamic security conferences all year. Infosec analysts, hackers, researchers, pen-testers, practitioners and vendors all come together to challenge...
View ArticleClik here to view.
Detecting Mr. Robot Malware
Season 2 Episode 5 of Mr. Robot starts with Elliot preparing a malicious payload delivery system that we later find out is a femtocell. The goal is to create a Man in the Middle (MitM) attack vector...
View ArticleClik here to view.
Enabling the Risk Management Framework
Moving beyond periodic certification of information systems to the Risk Management Framework requires standardizing and automating the assessment process.Making decisions based on outdated information...
View ArticleClik here to view.
Vulnerability Management with Nessus in the Cloud
Regardless of whether you’re running applications and storing data in a physical, virtual or cloud environment (or a hybrid mix), a key responsibility for you as a security professional is to keep that...
View ArticleClik here to view.
Is Mr. Robot in Your Network?
In Season 2 Episode 6 of Mr. Robot, Darlene and Angela continue with infiltration of the FBI and E-Corp, while Elliot is otherwise detained. Because Angela must plant the femtocell in E-Corp, members...
View Article