Information Risk Management Blog

6 IoT Security Worries that could ruin your Internet-of-Things Party

Sep 8, 2016 2:03:28 AM / by Anupam Bonanthaya posted in Digital Security, basics of digital security, IOT security

Reported security incidents involving IoT (Internet of Things) components increased 152% between 2014 and 2015. It looks like the figure will be even higher at the end of 2016.

This comes at a point where the number of smart devices is expected to jump 5x, from 5 billion in 2015 to 25 billion in 2020, conservatively speaking.

The Internet of Things is becoming a favourite target for cyber attackers, and it is a no-brainer to predict that it will only get worse.

More Smart Devices = More (Sensitive) Data = Higher Risk

In this post, check out the 6 basic security concerns with Internet of Things that you need to pay attention to, in order to enjoy the ride without falling off the roller coaster.

10 Basic Things Every Organization MUST-DO for Cybersecurity

Aug 26, 2016 2:08:05 AM / by Anupam Bonanthaya posted in Cybersecurity, Cyber Security, Information security, basics of cyber security

These days it is rare for a week or so to pass without news of a high-profile cyber attack or breach. This week it was the French submarine builder DCNS, which is building defense submarines for India, Australia, Malaysia and Chile. Last week it was SAGE. The week before, it was Oracle.

It is a common misconception that only high-profile companies in specific industries get attacked. In reality, every organization, big or small, across all industries, is a target. Or that is what the data says.

The ones who hog the headlines just got lucky.

We put together a checklist in infographic format to cover the basics of information security: 10 basic things that every organization must pay attention to in order to stay out of the headlines when it comes to cybersecurity.

Managing Information Risk For Digital Age: Why It's Not About Security

Jul 20, 2016 11:55:59 PM / by Sameer Shelke posted in Information security, infosec, Gartner, information risk, Digital Security

Recently I had the opportunity to interact with industry thought leaders, analysts, practitioners and solution providers during the Gartner Security & Risk Management Summit.

I decided to approach the discussions as a student, with the objective of unlearning and learning. After more than two decades in the information security industry, it was a refreshing change to listen and learn without the "baggage" of pre-existing opinions.

Pokemon GO - Security lessons you just cannot afford to miss!

Jul 15, 2016 5:41:46 AM / by Anupam Bonanthaya posted in Application security, Security, Digital Security, Pokemon Go

This week in technology has been disruptive, to say the least!

Pokémon GO, a location-based augmented reality mobile game, has broken all previous records.

The mobile app has become so popular that it is now a social media phenomenon.

So much so that it has changed and united the world for once. Now we all have a reason to believe that this game can solve all our problems!

Not the gaming kind? It is still worth paying attention, because it impacts all of us. Read on to know how...

Why Security Analytics, What are Your Choices, and When?

Jul 13, 2016 1:32:09 AM / by Anupam Bonanthaya posted in Information security, SIEM, security analytics, SAVPbyAujas

By today, i.e. 2016, a quarter of large global companies are expected to have adopted big data analytics for at least one security use case! (source: Gartner)

If you belong to the remaining 75% majority, or even if you are in the 25% but got it all wrong the first time around, please read on.

Will a Bug Bounty Program Make Your Enterprise Secure?

Jun 28, 2016 3:30:35 AM / by Anupam Bonanthaya posted in Cybersecurity, Vulnerability management, vulnerabilities, responsible disclosure, Threat Management, bug bounty

What is common between "Hacking the Pentagon" and "Hacking Google CEO's Quora account"?

It is bug bounties! The former was a super successful bounty program run by the US government last month. The latter is a hacking incident this week, "in spite" of Quora having a bounty program.

So, the million-dollar security question: if you are an enterprise CISO, should you go for a bug bounty program?

CISOs - 10 Questions to Find if Vulnerability Management is Working

Jun 22, 2016 2:09:36 AM / by Anupam Bonanthaya posted in Vulnerability management, Vulnerability Intelligence, SAVP, security analytics, vulnerabilities

What is common to almost all incidents of criminal hacking?

It is software vulnerabilities!

It is not rocket science to tell that. We all know it, yet we struggle with challenges in our vulnerability management programs.

In this article I am covering 10 questions that you need to ask as the CISO to know if your vulnerability management is working.

10 Ways CIOs & CISOs Can Beat Talent Crunch in Information Security

Jun 15, 2016 2:18:12 AM / by Anupam Bonanthaya posted in Cybersecurity, Information security, Security, talent, SOC, security analytics, security services, hiring, infosec, managed security

Information security has jumped 33% to become a top-3 priority for IT executives in 2016. With the increasing importance of information security to organizations, the biggest hurdle is no longer buy-in from the board or even the budget. It is the "availability of talent"!

Information security professionals top the list when it comes to the talent crunch. In this article I will cover 10 ways to deal with the talent shortage you are facing today.

How to Make SIEM Mitigate Advanced Threats?

Jun 7, 2016 8:05:23 AM / by Chandra Prakash Suryawanshi posted in SIEM, Managed SOC, Advanced Persistent Threat (APT), SOC, Qradar, RSA, Splunk

I was not surprised to see a report from Mandiant that said the following:

  • 100% of the breaches had updated Anti-Virus software
  • 63% of the breaches were reported by third parties
  • It took 243 days to detect an attack

It is very clear that existing monitoring capabilities are no match for the changing threat landscape. The traditional technologies lack the sophisticated capabilities and visibility required to detect and protect against such advanced attacks.

So what is the problem? And what are the options?

4 Immediate Changes to Make Traditional Vulnerability Management Work

Jun 2, 2016 8:05:00 AM / by Amit Ranjan posted in Cybersecurity, Vulnerability management, Vulnerability Intelligence, zero day, security analytics, vulnerabilities, cyberthreat, infosec, vulns

We all know that the traditional find-and-fix practice of vulnerability management has many challenges and, as a result, is not really equipped to do a good job of managing exploits in today's information security scene.

In this article I want to talk about the 4 things you should do in order to make it work better.
