0P3N Blog

How alignment with the NIST cybersecurity framework can help protect your business Barely a week goes by without a major cybersecurity incident making the headlines. But it’s the countless incidents targeting smaller businesses and individuals that tend to go unnoticed by the public at large. For too long have businesses taken a primarily reactive approach to cybersecurity threats. A good example ...

During COVID-19, cyberattacks have increased by over 40%. Common targets are hospital chains as REvil ransomware targets the unpatched VPN servers there! So what does it mean? Cyber attackers are not leaving any stone unturned, using all means to exploit the networks, and VPN is not exempt. With the sharp increase of VPN for home users, it becomes pertinent for ...

The "Application of the MITRE ATT&CK Framework" course by Cybrary is an excellent training offering. The course covers how to apply the attack framework to mitigate cyber threats. During the course, the 12 core areas of the MITRE ATT&CK Framework are discussed in detail. Also, learners will get detailed explanations of the various attack vectors used by ...

How the different layers of cybersecurity protect business in an evolving threat landscape As industries innovate at breakneck speed to keep up with modern demands, they’re facing a serious challenge mitigating the risks along the way. Every extra user account, device, online service, and application adds another potential entry point for cyberattackers. Attack surfaces have expanded to the point they’ve ...

As most people have witnessed during the COVID-19 pandemic, cybercriminals are more active, easily attacking organizations who never imagined having to focus on a new security front - their employees who are forced to work from home. Indeed, their infrastructures weren't ready to handle large amounts of VPN traffic, security around video conferencing, etc. As a consequence, attackers found ways ...

News leaks, sensitive information going public, companies facing lawsuits over data leakage, and more other unfortunate events occur every day. These events are caused by the negligence of the digital infrastructure that is used daily. The systems used can be poorly designed and, hence, can leak sensitive data and credentials to hackers in real-time. In this course of “Session Hijacking,” the ...

Why good negotiation skills are critical for enterprise security leadership This article was written to supplement Dr. Amoroso's course Enterprise Security Leadership: Negotiation Skills for Cyber Leaders. For decades, cybersecurity was purely the domain of the IT department. Measures to protect an organization against cyberthreats were viewed almost entirely from a technical perspective. For everyone else, cybersecurity knowledge barely extended beyond ...

Microsoft Azure is a large collection of technologies that can transform and revolutionize an entire company, within days, if not sooner. With its interwoven solutions and pay-as-you-go model, Microsoft Azure has become a sought-out destination for new and existing businesses, large and small. However, with the availability and flexibility that Microsoft offers to its Cloud subscribers, it should be noted ...

Overview The National Institute of Standards and Technology (NIST) provides a robust, risk-based cybersecurity assessment tool, known as the NIST Cybersecurity Framework (NIST CSF); or, simply as “The Framework.” 1 The original intent of the NIST CSF is to provide a cybersecurity risk-based assessment tool, to protect the nation’s sixteen critical infrastructure (CI) sectors. The Framework is also ...

Often, you’ll find that it’s the candidates who have IT certifications on their resume, which make it past the initial screening. Job recruiters may use this information to narrow down their lists of candidates and in deciding who they will call for an interview. Currently, the information technology industry is overflowing with open positions, and there are not enough qualified IT ...