Lately, I have been thinking about the mental health effects that stem from working in the cybersecurity industry. And in my research, I came across an Afternoon Cyber Tea podcast that sparked my interest. During their talk, host Ann Johnson and Dr. Ryan Louie, MD, PhD, dissect parallels between those who work in cybersecurity and … Continued
What Is Incident Response? Incident response is a structured approach to addressing and managing the aftermath of a security breach or cyberattack, also referred to as an IT incident, computer incident, or security incident. The goal is to handle the situation in a way that limits damage and reduces recovery time and costs. Additionally, it … Continued
What Is DevSecOps? DevSecOps is a philosophy that integrates security practices within the DevOps process. DevSecOps involves creating a ‘security as code’ culture with ongoing, flexible collaboration between release engineers and security teams. The main aim of DevSecOps is to make everyone accountable for security in the process of delivering high-quality, secure applications. This culture … Continued
What is an Intrusion Prevention System (IPS)? An Intrusion Prevention System (IPS) is a network security and threat prevention tool. Its goal is to create a proactive approach to cybersecurity, making it possible to identify potential threats and respond quickly. IPS can inspect network traffic, detect malware and prevent exploits. IPS is used to identify … Continued
The Rising Threat of Cybercrime in Healthcare Of growing concern to both patients and the professionals who facilitate their care is the growing trend of healthcare organizations being preyed upon by cybercriminals. In the United States, recent political dialogue has brought special attention to patients’ privacy rights under HIPAA and the ongoing security of their … Continued
What is Zero Trust? Zero trust is a security model to help secure IT systems and environments. The core principle of this model is to never trust and always verify. It means never trusting devices by default, even those connected to a managed network or previously verified devices. Modern enterprise environments include networks consisting of … Continued
Despite the best efforts of individuals to protect their own data, they cannot always account for the cybersecurity shortcomings of larger organizations such as their employers, financial institutions, and healthcare providers entrusted with their personal information. Recently, it was made painfully apparent that hotels should also be added to this list of vulnerable entities based … Continued
Security Information and Event Management (SIEM) technology has become a fundamental part of identifying and guarding against cyber attacks. It is one of the essential technologies powering the modern security operations center (SOC). SIEM is an umbrella term that includes multiple technologies, including log management, security log aggregation, event management, event correlation, behavioral analytics, and … Continued
Microsoft Azure Sentinel is an intelligent, next-generation security information and event management (SIEM) solution designed to detect threat anomalies. Azure Sentinel is also categorized as a security orchestration automated response (SOAR) service that expedites the incident detection and event response process for cybersecurity teams. Azure Sentinel provides an extra layer of security to protect critical … Continued
Endpoint protection is a security approach that focuses on monitoring and securing endpoints, such as desktops, mobile devices, laptops, and tablets. It involves deploying security solutions on endpoints to monitor and protect these devices against cyber threats. The goal is to establish protection regardless of the endpoint’s location, inside or outside the network. In this … Continued