On the back of the Microsoft Vulnerabilities Report (2017) findings, Dr. Eric Cole, CEO of Secure Anchor Consulting and SANS Instructor, considers how companies can become more secure simply by removing admin rights from their users, without losing functionality...
Last week marked the 50th anniversary of the ATM, a device that changed the face of personal monetary transactions forever. According to the ATM Industry Association (ATMIA) there are now close to three million of them worldwide, with over 70,000 in the UK alone where it all began. On 27th June 1967, the world's first "hole in the wall" was revealed at Barclays Bank in Enfield, London. Celebrations aside, I’d like to look at exactly what’s going on under the hood from a software perspective. Is securing them through industry best practice is realistic and practical?
On June 27, 2017 a number of organisations across Europe began reporting significant system outages caused by a ransomware strain referred to as Petya. The ransomware is very similar to older Petya ransomware attacks from previous years, but the infection and propagation method is new, leading to it being referred to as NotPetya. Due to the sudden and significant impact of the attack, it was immediately likened to the WannaCry outbreak causing concerns globally.
Firms across the globe have been hit by a variant of the Petya or Petwrap strain of ransomware impacting Windows servers, PCs, and laptops. Initial reports suggest this latest attack struck The Ukraine initially but it has quickly spread to many other countries including Russia, Spain, France, the UK, The Netherlands, and the US. Currently the attackers are asking for $300 worth of Bitcoins to retrieve access to data, however, there are reports that a business in South Korea has paid $1m to get access.
Many, if not all organizations that I work with have been on a PAM journey of some description – some successful, some not so much, but all have had considerable investment along the way. In this blog, I want to explore the value-add of PAM, its principles, and ultimately the security posture delivered by the approach.
In part 1, I discussed the importance of understanding your company’s culture when embarking on a security project as this can be the key to success or failure. In this blog, I’ll take a closer look at the five key areas you should pay particular attention to.
In this blog post, I want to share some of my experiences on how company culture can kill a security project, especially when removing admin rights.
Avecto has an illustrious history of providing enterprises with control at the same time as ensuring user freedom. By enabling organizations around the world to remove admin rights and put in place realistic application whitelisting, we raise the security bar while helping people achieve compliance and reduce operational costs.
Last month we welcomed the return of the McAfee brand, one of the trailblazers in the ongoing battle against cyber crime. In a well-articulated blog post, McAfee CEO, Chris Young, set out the vision and mission of the #NewMcAfee and laid down its ambitious plans to take the business forward and ultimately shape the security marketplace as never before.
This weekend a team from Avecto will be taking part in the Great Manchester Run to raise money for Stockport Mind. In my last blog I discussed some reasons why I think everybody should consider running to improve their own mental health. Today I will discuss how you can get started and stick to it. I’ll also draw out some similarities to software development.
With just a year to go until GDPR takes effect, there are concerns that around half of businesses may not meet the new data protection standards in time. While the majority of IT security professionals are aware of GDPR, a recent poll found just under half are preparing for its arrival.