Expert(s):
CISO feature_status*/ ?>
Tanium

Comments Dotted : 2
November 24, 2020

Experts Advise To Security Leaders For Computer Security Day – 30 November
A good place to start is by unifying the IT operations and security teams around a single source-of-truth.
My call to all CISOs on Computer Security Day is that you can’t manage what you don’t see. This simple statement sums up the reason for most security breaches -- a lack of fundamental IT hygiene. 'More tools' is not the solution. In fact, a complex patchwork of disparate tools that don’t integrate is what often causes organisational silos in the first place. It takes too long to find the threat, too long to remediate it and too long to ensure no other systems are vulnerable. CISOs need to .....Read More
My call to all CISOs on Computer Security Day is that you can’t manage what you don’t see. This simple statement sums up the reason for most security breaches -- a lack of fundamental IT hygiene. 'More tools' is not the solution. In fact, a complex patchwork of disparate tools that don’t integrate is what often causes organisational silos in the first place. It takes too long to find the threat, too long to remediate it and too long to ensure no other systems are vulnerable. CISOs need to recognise that unless they can ensure IT hygiene, investments in advanced security or operations tools are fruitless. To improve IT hygiene, organisations need to create a process to continuously identify assets, risks, and vulnerabilities across an environment and be able to fix them with speed and scale. A good place to start is by unifying the IT operations and security teams around a single source-of-truth.  Read Less
January 15, 2020

Major Flaw In Windows 10 Discovered By The NSA – Experts Reactions
As we have learnt from attacks like WannaCry, the failure to patch known vulnerabilities can be devastating.
The Patch Tuesday update from Microsoft revealed a critical security vulnerability in its cryptographic library used by Windows 10, Server 2016, and Server 2019. An attacker could use this vulnerability to spoof a code-signing certificate, sign a malicious executable, and make it look like it was from a trusted source. An attacker could also conduct man-in-the-middle attacks against affected software and decrypt sensitive information. As we have learnt from attacks like WannaCry, the.....Read More
The Patch Tuesday update from Microsoft revealed a critical security vulnerability in its cryptographic library used by Windows 10, Server 2016, and Server 2019. An attacker could use this vulnerability to spoof a code-signing certificate, sign a malicious executable, and make it look like it was from a trusted source. An attacker could also conduct man-in-the-middle attacks against affected software and decrypt sensitive information. As we have learnt from attacks like WannaCry, the failure to patch known vulnerabilities can be devastating. For businesses, it is essential to have visibility and control of all endpoints, such as servers and laptops, to ensure that patching of this vulnerability is completed. Organisations cannot protect assets they can’t see, so will need the most up-to-date and accurate view of their security environment to ensure they are best protected. The NSA has advised that the consequence of failing to patch could be severe and widespread, so it is imperative that security professionals and IT leaders take this action seriously and act quickly.  Read Less