What is Third-Party Risk Management?
What is Third-Party Risk Management?
Creating and maintaining relationships with third parties brings about multiple risks. Whether your organization is large or small, it’s almost certain that you have business relationships with many third parties for specific types of operations. When operational data and confidential information are exchanged with third parties, that data and information are vulnerable to misuse and exploitation. This is…
5 questions every higher-ed security leader should ask
Patrick Robinson and Mike McLaughlin contributed to this blog. In the day and age of COVID-19 we have witnessed a transformation of the way we work. If I were asked before March of 2020 how long it would take to make the progress in digital and security transformation that we as a society have made in the last 9 months, I would…
Get the latest
security news
in your inbox.
RSS
Phishing awareness and phishing training explained
There is no more effective initial attack vector than phishing. With an ability to reach well-within your organization’s logical perimeter all the way down to an individual user’s Inbox with some form of malicious content, phishing has proven to be a challenge to organizations working to maintain a proper security stance. On top of this,…
Raising email security awareness through gamification
October was National Cyber Security Awareness Month which is an excellent opportunity to invest in a modern approach to email security awareness. Most companies and organizations conduct security awareness training annually, during onboarding, and after an adverse event. The effectiveness of periodic training varies greatly and depends on organizational culture and structure, leading to unexpected or undesired results.…
What is unified endpoint management? UEM explained
This blog was written by a third party author. The business world is undergoing its most dramatic shift yet with the adoption of digital assets and workforce decentralization representing a huge business opportunity. These changes have led to added endpoints, or devices connecting to the network, and is enabling this transformation. But managing the volumes of these diverse endpoints and…
Stories from the SOC – Multi-layered defense detects Windows Trojan
Stories from the SOC is a blog series that describes recent real-world security incident Investigations conducted and reported by the AT&T SOC analyst team for AT&T Managed Threat Detection and Response customers. Executive summary Malware infections are common and are often missed by antivirus software. Their impact to critical infrastructure and applications can be devastating to…
Online purchase scams spike since the start of COVID-19, reports BBB
This blog was written by an independent guest blogger. Scams occurring during online purchases have spiked since the start of the pandemic, as reported in new research conducted by the Better Business Bureau (BBB). Around 80.5% of consumers who reported this type of scam this year lost money, compared to 71.2% in 2015. Online purchasers scams have been among the…
The Netflix streaming model can obviate your employee’s computer security
This blog was written by an independent guest blogger. Someone you don’t know walks into your office and sits down at a computer. Maybe that computer is a corporate desktop assigned to a mid-level manager or to a member of your IT department. Maybe it’s a personally owned laptop used by a contractor. That unknown person…
Protecting remote endpoints
Although businesses have been tasked with addressing a number of remote assets associated with off-site resources such as a sales force that’s often mobile, the number of remote endpoints has grown exponentially. The laptops and mobile devices needed to facilitate working from home full-time for a large percentage of their workers given recent global events has exploded. Companies…
SecTor 2020, Canada’s Biggest Cybersecurity Event: Day Two
This blog was written by an independent guest blogger. Even though SecTor had to be entirely online this year due to our unusual international circumstances, there have been plenty of excellent talks from many experienced cybersecurity professionals. The talks took place over the course of two days, October 21st and 22nd. Last time I covered the talks I attended on…
What is a virtual CISO?
This blog was written by a third party author. Organization’s today host a wide range of information that, due to its external value to competitors, nation-states, or cybercriminals, needs to be properly protected. The role of a Chief Information Security Officer (CISO) is to establish and maintain the organizational strategy and execution to protect its sensitive and…
Best data security practices when offboarding employees
This blog was written by an independent guest blogger. In times long gone, disgruntled former employees could only do so much damage to your company, and relatively little at all to your data security. In the fast-moving world of the 21st century, however, it’s a different story. Costly data breaches and devastating thefts have been undertaken in recent…
