In cybersecurity circles, 2017 will go down in history as the year that Fortune 500 CEOs started to get fired after data breaches, whereas in the previous era a junior IT manager would be sacrificed. It seemed that everyone got hacked, ranging from the SEC or Parliament in the UK, Fortune 500 companies, to the law firms that manage off-shore wealth for the elite.
If you aren’t using Splunk or haven’t heard of it, we like to think of it as the Google of log files. A #BigData cruncher that allows you to search through the logs or exports of thousands of systems from one interface!
We first introduced Splunk to automate complex queries and reports across our multiple data sources. It was our Read more
That is, if you are running Windows 10 version 1511 which Microsoft declared end of life (EOL) after October 10, 2017.
Maybe you overlooked the deadline amidst the 62 Patch Tuesday updates Microsoft issued that very same day. Perhaps the storm of ensuing cybersecurity vulnerabilities (KRACK, Bad Rabbit) pushed it further down the to-do list.
With stability restored from last month’s Meltdown and Spectre patches, we’ve resumed 100% patching just in time for some big hitters this month.
Should you be worried? Given attacks are already in the wild, remediation is definitely a top priority for your network admin team.
This is what you need to know.
What is it?
Cisco has issued an update to its January 29 security advisory that alerted customers to the highest rated critical vulnerability on its Adaptive Security Appliance (ASA) firewall platform’s Web VPN services.
Hackers love that we are connected outside the office environment more than ever. Mobility brings greater vulnerability to the corporate network the moment employees check email on phones, connect laptops to public WiFi. Having a good policy in place and exercising extra vigilance is key. Take our quick checklist test to see if your firm is covering all the bases for mobile device security.
Damned If You Patch, Damned If You Don’t
The furore over Meltdown and Spectre continues. Not only have an abundance of (seemingly rushed) patches been released this week and last, but Intel and Microsoft have finally confessed to performance impacts across workstations and desktops.
Only 4 days into 2018 and the sense of foreboding has already started to resonate across IT security teams with the debut of two major security flaws: Meltdown and Spectre.
If the ominous names haven’t caused enough concern, perhaps it’s the panic caused by the media storm, vendor denials and ambiguity around remediating the vulnerabilities.
Take a breath and read on to find out everything you need to know.
The new SSAE 18 standard was introduced just after we had completed our 2017 SOC 1 assessment (under SSAE 16). We interpreted this as an opportunity to re-run the audit process at the end of the year (and maintained our tradition of passing without exception!).
Before you start making your 2018 resolutions, it’s time to sit down with your last cup of eggnog and reflect on all that 2017 taught us in the cyber security world…