Tips

Tips

• Is encryption one of the required HIPAA implementation specifications?

  When it comes to encryption, the HIPAA implementation specifications are complicated. Expert Joseph Granneman explains whether it's required or addressable.  Continue Reading

• Using IPv6 atomic fragments for a denial-of-service attack

  IPv6 atomic fragments can be dangerous for enterprises. Expert Fernando Gont explains their relation to a new denial-of-service attack vector and how to mitigate the threat.  Continue Reading

• Reporting ransomware attacks to the FBI: Pros and cons

  Reporting ransomware attacks to law enforcement can pose potential risks to the targeted organization. Expert Mike O. Villegas discusses the key aspects of disclosing an attack.  Continue Reading

• How a single ICMPv6 packet can cause a denial-of-service attack

  Expert Fernando Gont explains how Internet Control Message Protocol version 6 can be used by threat actors to stage a simple, yet effective, denial-of-service attack.  Continue Reading

• IoT development and implementation: Managing enterprise security

  The CSA's guidelines for secure IoT development can give enterprises an idea of how to evaluate IoT products. Expert Nick Lewis explains the steps enterprises should take.  Continue Reading

• Why authorization management is paramount for cybersecurity readiness

  After enterprise identities are authenticated, an authorization management system should monitor how resources are being used. Expert Peter Sullivan explains how it can work.  Continue Reading

• What to consider about signatureless malware detection

  Endpoint security is changing into signatureless malware detection and protection. Expert Matthew Pascucci discusses the transition away from signatures.  Continue Reading

• DNS reverse address mapping: Exploiting the scanning technique

  Scanning IPv6 addresses can be made easy with DNS reverse mapping. In part two of this series, expert Fernando Gont explains how this technique can be exploited and mitigated.  Continue Reading

• Intrusion response plans: Tales from front-line IT support

  The right intrusion response training can make all the difference in data breach prevention. Expert Joe Granneman provides a real-world example from which enterprises can learn.  Continue Reading

• How to use DNS reverse mapping to scan IPv6 addresses

  Enterprises looking to perform IPv6 address scans can use DNS reverse mapping techniques. In part one of this tip, expert Fernando Gont explains how the process works.  Continue Reading

• What global threat intelligence can and can't do for security programs

  Global threat intelligence is a valuable complement to a company's security program, but it can't replace security measures like training and internally collected data.  Continue Reading

• How to organize an enterprise cybersecurity team effectively

  The structure of an enterprise's cybersecurity team is important for ensuring it's as effective as possible. Expert Steven Weil outlines strategies for setting up a security group.  Continue Reading

• How Windows hardening techniques can improve Windows 10

  Windows 10 may be the most secure Windows ever, but expert Ed Tittel explains how to use Windows hardening techniques to make systems even more secure.  Continue Reading

• The consequences of removing PPTP support from iOS 10

  Apple's removal of PPTP support on iOS 10 and Mac OS Sierra leaves companies scrambling to implement other VPN protocols. Expert Michael Cobb explains enterprise options.  Continue Reading

• Preventing DoS attacks: The best ways to defend the enterprise

  Preventing DoS attacks may not always be possible, but with a strong defense, enterprises can reduce their impact and recover quickly. Expert Kevin Beaver explains the best approaches.  Continue Reading