What are Cyber Threats?A cyber threat is basically any type of threat that is computer related in nature. To be clear, a computer could be a desktop computer, a laptop, a tablet or even a smartphone. All of these devices have particular types of threats that they can be exposed to that users need to be aware of to ensure that they can protect themselves and their confidential information.Types...

Running a comprehensive and cost-efficient compliance program whether HIPAA, NIST, FFIEC, PCI, GDPR, or Sarbanes Oxley (to mention a few) is a major headache for most Compliance Teams. Digital Defense offers industry leading vulnerability management and assessment, along with best practice compliance guidance to organizations across all verticals and sizes.With predictions from a recent survey by...

This article was originally published on Help Net Security on August 1 , 2019.Microsoft has recently come out and said that mandatory password changing is ancient and obsolete. This goes directly against everything we were trained to think for the last couple of decades, and against most compliance directives including some of the most dominant security standards. And it is correct.If anything,...

What is IPSEC?In the world of VPNs, there are typically two types that an organization can choose from, IPSEC or OpenSSL. While many people have migrated to OpenSSL mode because of its new relative ease of deployment, there are still companies that deploy IPSEC-based VPNs because of the additional layers of security they provide that are not available in OpenSSL-based VPNs.Why Choose an IPSEC VPN...

PCI Compliance is adherence to the set of ground rules set forth in the Payment Card Industry Data Security Standard (PCI-DSS). The standard defines how vendors who accept credit cards are to manage not only the credit card data, but their own networks as well, to ensure that the card data stays protected from theft and abuse.Who Developed The PCI-DSS?The PCI-DSS was developed by the Payment Card...

Rootkits – When Bad Turns to UglyFew words strike more fear into the heart of IT administrators than rootkit. Once a rootkit has been discovered, it’s usually a strong indicator that one or more systems on a network have been compromised and that any data being stored on those systems is now suspect or even worse, has been captured by the rootkit attacker to be released “into the wild” of the...

Anti Malware – A New Type of ProtectionIn today’s world, everyone has heard of antivirus software. This is the same software that has been around for a decade or more that protects computers from infection from viruses and other types of malicious software.However, over the last few years the threat landscape has evolved to the point where having anti-virus software on your computer is not enough....

Make choosing a document management solution easier with these 3 questions you should ask when determining the best electronic document management system (EDMS) for your business.

Anyone who works for a large organization knows that July isn’t just a time for fireworks and BBQs. It’s also when you plan your budget for the next fiscal year. If you work in IT, you know you’re always expected to have an answer for everything. But when it comes to planning your budget, there are really only two questions that need to be asked. Do you have enough resources on hand for the...

With the May 2019 Patch Tuesday release from Microsoft, it was revealed a number of older Microsoft operating systems are vulnerable to a condition known as BlueKeep (CVE-2019-0708). BlueKeep is a Remote Code Execution (RCE) flaw in Remote Desktop Services (RDS)/Remote Desktop Protocol (RDP) allowing code to run with system level access and is potentially “wormable” making it possible for an...

According to the Verizon Data Breach Investigations Report, published in November 2018, the #1 cause of a breach continues to be vulnerable systems left exposed and unpatched. Preventing the exploitation of vulnerabilities when using an effective solution is one of the few countermeasures that can pro-actively protect your infrastructure before an attack has even started as opposed to relying on...

Underestimating the consequences of downtime can be hugely detrimental to your productivity. Accurately calculating those costs won’t just prevent disasters, but also help you effectively manage your capacity planning efforts.