Happy World Password Day!

password

Passwords. They’ve been an integral part of information security since the dawn of computers – and they have been the bane of users’ lives for almost as long. We’ve all experienced the difficulties of trying to remember a dozen or more different passwords for different applications and devices, only to have to change them as…Read More

Announcing Our New Website: Take a Tour and Enjoy the New Experience!

algosec homepage

We’re proud to announce the launch of our new website! Our aim is to provide you with new and insightful content to help you make your enterprises more agile, more secure and more compliant. The website also reveals our new corporate identity as well as support for a mobile-optimized experience. To help you navigate the…Read More

Using Geo-IP Data to Tighten Firewall Rulesets

Geo-IP blocking, or denying internet traffic from or to a certain geographical location based off of an IP address can be a very useful tool for preventing cyber attacks, malware, phishing, or spam. One thing to look for when blocking by country is the ability to block by country code – it allows for more…Read More

Are Firewalls Still Relevant to Security?

“The firewall is dead”, “Data is the new perimeter”, “Cloud will make the firewall obsolete” – these are just some of the quotes you hear now and again within the information security community. But I would like to counter them with a quote adapted from (renowned cybersecurity expert) Mark Twain – “The reports of the…Read More

Is Your CIO Your Next Big Security Risk?

Risk_clevel

A few weeks ago we released the findings of our latest survey, examining the State of Automation in Security.  It showed that many companies are struggling. Struggling to rollout new business applications, struggling to migrate to the cloud or enter the software defined data era, struggling with outages, struggling to comply with regulatory requirements, and…Read More

A Typo in Security: The Bangladesh Heist Revealed

This year we have already seen multiple security breaches making headline news, such as the Panama Papers breach we wrote about earlier this week and the Bangladesh heist we are about to cover below. Let’s hope there aren’t any more breaches, but in the meantime learn how you can help protect your organization against cyber-attacks…Read More

The Panama Papers: Security Basics 101

panama papers leaked document money laundering crime vector

There has, unsurprisingly, been a vast amount of speculation as to the origins of the Panama Papers data leak. Initially it was thought to be an insider job, however a partner at Mossack Fonseca has now claimed they were the victim of hack, specifically a ‘spear phishing’ email attack. So far, so ordinary. Spear phishing…Read More

Reaching PCI Nirvana: How to Ensure a Successful Audit and Maintain Continuous Compliance

pci-dss

PCI-DSS audits are typically a point-in-time “fire drill”, yet the PCI-DSS standards body expects a continuous state of compliance. Unfortunately poor change management processes are often the Achilles Heel in reaching and maintaining this nirvana. Staying compliant with the PCI-DSS standards should be a regular business practice that, in the end, can reduce risks for…Read More

Creating Next-Generation Security Policies for Your Next-Generation Firewalls

Primum non nocere, or ‘first do no harm,’ is the guiding principle for physicians.  It means that whatever the type of treatment or procedure, the patient’s well-being is the primary consideration.  It’s an excellent principle to apply to organizations’ IT infrastructures:  any change or migration project needs careful planning and management to avoid unexpected outages…Read More

Something Old, Something New: Managing Security Policies in Mixed Firewall Environments

Next generation firewalls (NGFWs) allow security to be managed with much greater granularity than traditional firewalls – based on specific applications and user groups – providing much greater control over the traffic that organizations want to allow or deny across their networks. So, for example, with NGFW, an organization can choose to block the BitTorrent…Read More

The Network Security “Tax”: From Cost Center to Business Advantage

Now that tax season is upon us, I thought it’d be appropriate to talk about the “tax” of security solutions. The cost of security is not insignificant when it comes to protecting the overall network environment and it’s often viewed as a cost center. Spend, spend, spend with little to no return – or at…Read More

Securing the IoT: The Lights are On But the Attackers are Home

When I last blogged about the Internet of Things (IoT) just over a year ago, I pointed out that it’s not just wearable tech and fitness gadgets that present a security risk. Lighting, heating and cooling systems, smart displays, electronic gateways and vending machines – unobtrusive, almost invisible smart devices that are increasingly being deployed…Read More