Misconfiguration Routes Internet Traffic Destined for Europe to……..Hong Kong

telia logo 2016

Earlier this week, millions of customers of Swedish firm Telia, reported connectivity issues, with mobile apps such as WhatsApp and websites. The problem was so severe that the initial diagnosis was that a transatlantic cable had been severed or damaged. However, after much frantic investigation, it transpired that the outage was actually caused by a Telia engineer misconfiguring a router, resulting in all web traffic bound for Europe being sent to Hong Kong and causing a massive internet outage.

PCI DSS 3.2: Why removing SSL or updating the TLS isn’t enough

iStock_51757454_SMALL

The average end user – and the average organization – probably uses far more devices and applications that deploy web technology than they realize. For an end user, this might mean that they’re not following the good online security practices that they think they are. For a business, this might mean that they’re not complying with PCI DSS– even if they think they are.

Checking the cybersecurity pulse of medical devices

iStock_79033615_SMALL

Hospitals are increasingly becoming a favored target of cyber criminals. Yet if you think about medical equipment that is vulnerable to being hacked at a hospital, you might not immediately think of high-end, critical equipment such as MRI and X-ray scanners, and nuclear medicine devices.  After all, these devices go through rigorous approval processes by…Read More

Connecting the dots: how to tie threat path intelligence to actionable choices

49216984_thumbnail

Threat path intelligence is analyzing and assessing threat information in relation to your business, and preparing a suitable response or taking proactive protective measures. Given that these days it’s no longer a matter of if, it’s the matter of when you will be attacked, monitoring and tracking threat intelligence can be vital to saving your business.

Plugging the cybersecurity skills gap with automation

HiRes

What can organizations do to fight the disconnect between supply and demand and ensure that they have the right cybersecurity skills in place – one that can adequately protect them in an increasingly challenging world? The cybersecurity sector has generally-speaking been too introspective in recent years, expecting talent to simply land in their laps. But with the growing number of threats facing organizations every single day, and talented young IT enthusiasts choosing alternative career paths, it’s a problem that can’t be ignored any longer especially, as my colleague, Nimmy Reichenberg, likes to say “creating a security professional with 10 years of experience takes … well, 10 years”.

‘Have IT Your Way’: making network security change processes similar to ordering a burger

iStock_000006277275_Small

Burger King may have updated its slogan from ‘Have It Your Way’ to a more lifestyle-friendly ‘Be Your Way’, but the underlying message still stands. Order a burger, and they will deliver it exactly as you want it – while still following a standard, automated, quality and highly efficient process.

Trustwave report shows why security basics matter

trustwave

Following on from last week’s blog post on the Verizon Data Breach Investigations Report (DBIR), here are some thoughts on the latest report from Trustwave. The eight Trustwave Global Security Report analyzes hundreds of data compromise investigations done by the firm across 17 countries. The key takeaways?  Alarmingly, 97% of the applications tested by Trustwave…Read More

Miscommunication between IT and security teams leads to network security gaps

HiRes

If there has ever been a universal law that impacts network security it’s the saying: communication is not what’s said but rather what’s heard. IT and security professionals are often so busy putting out fires that so many things are said in passing often goes in one ear and out the other. Exacerbating the challenge, IT and security are known to have some strong personalities (I was once part of that club!).

Once more unto the breach:  lessons from Verizon’s Data Breach Investigations Report

verizon breach report 2016

In the infosecurity sector, spring is the season of reports, with several leading vendors (AlgoSec included) releasing detailed reports on industry trends and incidents. One of the most established is the Verizon Data Breach Investigations Report (DBIR), which analyzes the types and frequencies of security incidents globally over the previous year and provides security and networking teams with useful information on how to improve their organization’s security posture.

Finding the Right Security Management Solution for Your Organization: Hear from Real Users

Evaluating new security products in today’s world can be tough. Many CISOs and security professionals are seduced by the hype and promises of the shiny new security toys that are popping up like mushrooms. Yet more often than not, you don’t need to invest in these new tools. Just by getting back to basics and…Read More

Security is from Mars, Application Delivery is from Venus

Men are from Mars, Women are from Venus

Men Are from Mars, Women Are from Venus by John Gray was one of the best-selling nonfiction books of the 1990s. It asserts that men and women essentially come from different ‘planets’, and need to seek out greater understanding of each other’s wants, needs and ways of thinking in order to cooperate better in relationships….Read More

Happy World Password Day!

password

Passwords. They’ve been an integral part of information security since the dawn of computers – and they have been the bane of users’ lives for almost as long. We’ve all experienced the difficulties of trying to remember a dozen or more different passwords for different applications and devices, only to have to change them as…Read More