Many organizations have not established basic account policies which control how

Many organizations have not established basic account policies which control how to handle credentials or grant third parties access to their internal networks directly. One example is the security breach experienced by retailer Target. Target eventually proposed to pay $10 million to settle a class-action lawsuit over its massive 2013 data breach, according to court documents…

Categorized as IT, Web

CSID found that amongst U.S. consumers, 61% reused the same password across mult

CSID found that amongst U.S. consumers, 61% reused the same password across multiple sites and 46% of them had 5 or more passwords to remember. You can, of course, use a federated system, which is used by platforms such as Facebook, Twitter, Google, PayPal, and Amazon as an alternative to a username and password. See:…


U.S. federal regulators lifted all uncertainty when they announced it was lawful

U.S. federal regulators lifted all uncertainty when they announced it was lawful to hack or “jailbreak” an iPhone, and declared that there was “no basis for copyright law to assist Apple in protecting its restrictive business model.” By hacking your device, you can potentially open security holes that may not have been readily apparent, or…


The use of repeated challenges is intended to limit the time of exposure to any

The use of repeated challenges is intended to limit the time of exposure to any single attack. Password Authentication Protocol (PAP) and Challenge-Handshake Authentication Protocol (CHAP) are authentication protocols used for establishing authenticated network connections. In your opinion, discuss 3 problems with using Challenge-Handshake Authentication Protocol (CHAP) as an authentication protocol. To the writer:…


Evaluating The Implementation of NIST Cybersecurity Framework (version 1.1) As

Evaluating The Implementation of NIST Cybersecurity Framework (version 1.1) As part of the University’s implementation of the NIST Cybersecurity Framework, an organization-wide security assessment resulted in a prioritized data security mitigation and remediation plan, which became a launch point for an ongoing dialogue on a more holistic approach to security issues in general. Situation: The…


Single Sign-On (SSO) is an exceptionally convenient access management mechanism.

Single Sign-On (SSO) is an exceptionally convenient access management mechanism. Single sign-on is a mechanism used to simplify the login process for a connected group of websites and applications. “Multi-partner SSO worries me tremendously,” said Kenneth S. Robb, a Cyber Security & Risk Consultant at Citadel Cyber Solutions. “It falls squarely in the ‘Convenience’ model for…


Gathering requirements and collecting data are important elements in learning ab

Gathering requirements and collecting data are important elements in learning about the organization’s security posture status, and as input to any proposal or action plan for improvements. There are many methods of collecting data and information. After reading the article Setting the Course PDF on … about gathering and analyzing project requirements, write an initial…


Historically, there has been a range of well-structured attacks on many embedded

Historically, there has been a range of well-structured attacks on many embedded systems, ranging from HVAC to vehicle control systems. Many embedded systems are mainly secured by strong password protection and encryption protocols such as Secure Sockets Layer (SSL) or Secure Shell (SSH). While IP networks employed firewalls, embedded systems do not commonly employ these…


Based on market trends, Gartner predicted security spending worldwide would have

Based on market trends, Gartner predicted security spending worldwide would have reached approx. $86 billion in 2016 and exceed this amount by 2020. However, there has been no evidence that this increase in spending has led to better security for many organizations. The real problem might be too much focus on investments in security…
