Towerwall's InfoSec Blog

10. Everything is connected. As the Internet of Things adds more and more devices to our networks, it creates more doors and windows for cyber criminals. Keep them locked.

The ISSA of New England's 2nd annual virtual chapter meeting will be on: Thursday, January 21 at 12:00 Noon. ( Yes, while you eat lunch you can join us online. ) Careers in Cyber Security is the theme of this meeting. The most pressing problem in security is for sure the lack of qualified people to fill the number of open roles. If you or your firm are looking for people to hire, this session is for you. If you are looking for a new and better role in 2016, this session is for you.

Hacking and data breaches weren’t just the norm, but they reached far and wide, hitting victims of all kinds, from regular consumers, to government employees, and even children and cheaters. It seemed like no one was spared. The Worst Hacks of 2015…drum roll please!

Another staple in a series examining the Center for Internet Security's best practices. Our last article looked at applying Critical Security Controls 4, 5, and 6 to your organization, covering vulnerability assessment, administrative privileges, and audit logs. Now it’s time to move on to CSCs 7, 8, and 9. Email programs and web browsers are still the most common points of entry for attackers, too many companies have woefully inadequate malware defenses, and a failure to control ports andfalse

The last time we looked at how Critical Security Controls (CSC) can help you build your InfoSec framework, we covered getting a handle on your software and your hardware inventories. Today, we're going to discuss the importance of continually assessing and remediating vulnerabilities, keeping a tight control of administrative privileges, and monitoring your audit logs. These concepts are encapsulated in CSCs 4, 5, and 6. You should develop stringent policies, consider devoting resources tofalse

How can you make sure the mobile apps you access are secure? A security profile should be at the top of the developer’s list when compiling a mobile app but that’s hardly the case. That’s a pity, because building a profile is easier to do during the dev phase. Are most mobile apps putting your data at risk? Most likely so. According to the most recent report from Lookout, the number of Android devices affected by malware is more than 6 million. Luckily, there are telltale signs that indicate anfalse

Vendors and other third parties should be treated with the same level of intense scrutiny as your own in-house risk compliance mandates. How seriously is your company treating the risk of a data breach? Have you done due diligence on all of your vendors and third-party partners? Cyberattacks can have a devastating impact in terms of reputation and customer trust. It takes time and resources to deal with the fall out. The true cost of a serious data breach is hard to calculate.

by Sarah Kuranda Sophos is launching a new technology Monday that synchronizes threat intelligence and automation across endpoint and network levels. Sophos Security Heartbeat, part of the Oxford, England-based company's new XG firewall series, links together the company's next-generation firewall and UTM solutions with its next-generation endpoint technologies. In doing that, the company said, it is able to improve security across a company's environment in real time, with improved context,false

When it comes to infosec, many of the most core basics are being overlooked. Many of the most obvious areas where security can be tightened up with little effort are being blatantly ignored. Are you doing your level best by covering the basics? Below are seven potential vulnerabilities. Most of these can be tackled without major cost or time, so there’s really no excuse not to consider these.

Critical Security Controls is a set of best practices devised by the Center for Internet Security, a nonprofit dedicated to improving cybersecurity in the public and private sectors. Cyberattacks are costing businesses between $400 billion and $500 billion per year, depending on which analysts you listen to. Cybersecurity has never been a hotter topic. The market is expected to grow from $106 billion this year to more than $170 billion by 2020, according to Markets and Markets. The average costfalse