I'm a cybersecurity marketer with expertise writing about endpoint, cloud, zero trust, ASM, red teaming, threat intel, and third party risk management.
Safeguarding ATMs: Mitigating IoT Security Risks
ATMs are critical points of service for consumer banks and credit unions. They empower the customer base to perform most transactions without human interaction and also mean that account holders can access their money outside of business hours. There are 3.2 million ATMs installed worldwide, according to research, with the global ATM market handling $12.6 trillion in transactions.
ATMs are the primary way that many consumers interact with their banks and credit unions. This is true not only i...
Vulnerabilities and Protection of Cyber-Physical Systems (CPS)
The digital and physical worlds are becoming more tightly interwoven every year. Smart electrical grids, autonomous cars, distributed sensors in far-flung locations, and more make it clear that the world is becoming more digitized. Conversely, as digital worlds intersect more with physical reality, there is an evolution occurring in terms of connected devices blending physical inputs and outputs with digital technology.
Known as cyber-physical systems, or CPS, this class of equipment integrat...
Securing Your IoT Ecosystem: The Role of Cyber Asset Attack Surface Management (CAASM)
Cyber asset attack surface management (CAASM) is one of the more important practices in terms of securing your critical systems. It is a blend of internal asset management and external attack surface management, to have known, context-rich inventories. The ultimate goal is knowing what you look like to potential attackers to shore up your defenses. Good CAASM helps keep attackers out, speeds up incident response processes, and helps with any audits or regulations that ask for attack surface d...
Strong IoT Security Requires Effective Forensic Analysis Capabilities
Forensic analysis of a cyberattack is complex at the best of times. Even with traditional IT equipment and cloud technologies, collecting forensic information can mean extensive manual data collection and manipulation to unify disparate types of intelligence into a coherent whole. With Internet of Things (IoT) devices, the struggle of collecting forensic information and transforming it into something useful is compounded.
Forensic analysis as a practice also helps security teams evaluate thei...
Exploring the Dangers of IoT Breaches in HVAC Technology
Smart heating, ventilation, and air conditioning (HVAC) systems are key components in connected buildings. The ability to readily monitor the temperature of a physical space has numerous applications, including ensuring worker comfort and maintaining the environment for temperature-sensitive equipment and materials. Pharmaceutical companies and medical research firms use these systems to keep chemical compounds in the appropriate temperature ranges.
The smart HVAC controls market is expected ...
The Necessity of Continuous Vulnerability Detection
Accurately discovering and patching vulnerabilities is one of the biggest issues with securing Internet of Things (IoT) devices. Finding these weaknesses in the device firmware or in the communication protocols and mitigating them quickly can mean the difference between a secure network and one that’s open to cyberattackers. This work is unfortunately complicated by the number of IoT devices.
There were 15.14 billion IoT devices deployed worldwide by the end of 2023, according to Statista, wi...
Hidden in Plain Sight: The Unseen IoT Vulnerabilities in Building Access Control
Building access control systems like smart locks and badge readers are a critical component of physical security. Without implementing something that ensures unauthorized people can’t enter a facility where they aren’t supposed to be, organizations risk granting access to secure spaces to potentially malicious actors.
Also called physical access control systems, building access control devices are included within the Internet of Things (IoT). This is especially true when remote monitoring is ...
Unpacking the Impact of the White House’s Cybersecurity Allocations on Hospitals in 2025
The White House released its 2025 budget recently to demonstrate what President Biden intends to emphasize throughout the Executive Branch in the next federal fiscal year. The budget includes a number of priorities focused on lowering taxes for working Americans, countering the drug trade, and helping grow the economy.
Also within the budget is substantial spending on cybersecurity priorities.
These stated priorities include greater spending on securing healthcare organizations nationwide, in...
Manufacturers Need to Secure Their IoT Against Remote Access Risks
Internet of Things (IoT) devices have caused a stir in the manufacturing space. Connected industrial machinery used for remote monitoring, predictive maintenance, inventory management, and more has transformed industrial workflows – making manufacturers more efficient overall.
The problem is that IoT devices manufacturers leverage their operations, for all the benefits they provide, increasing risk. We’ve written about the issues with IoT devices in the past, including weak default passwords,...
Network-Accessible Printers Pose Hidden IoT Security Risks
The office printer isn’t often considered a part of the Internet of Things (IoT). The reality, however, is that network-accessible printers and multifunction printer-copier-scanners are in fact the quintessential IoT devices. Printers that can be attached to and discovered on a corporate network present a security risk to the enterprise that’s as potentially damaging as any IoT security camera.
Network-accessible printers offer broad accessibility and connectivity within the enterprise. If a ...
Nissan Australia Data Breach Demonstrates the Wide-Ranging Impact of Ransomware
Malware & Ransomware Protection
5 min read
Ransomware attacks have a habit of continuing to impact the affected organization long after they’re resolved. The immediate costs of resolving a ransomware attack can run into the millions, with a data breach itself costing an average of $4.54 million. And that’s only the direct costs. There are indirect concerns as well, such as reduced revenue from brand damage and monitoring costs in the case of personal data being stolen.
The December 2023 ranso...
Why Data Classification is Critical for Effective Data Loss Prevention
Data Security
5 min read
Data loss prevention (DLP) is a vital component of a data security strategy. Protecting critical information from accidental or intentional removal means setting up a solution whereby the organizations’ vital data is secured against exposure. According to research, 2.5 quintillion bytes of new data are created every day, with 180 zettabytes of global data expected to be created by 2025.
The sheer volume of data created every day and every year makes preventing its acc...
Best Practices for SharePoint Data Security in 2024
SharePoint is a critical tool in a lot of companies. It’s the main vehicle for collaboration, for file storage, and for ensuring that people can access the information they need when they need it. With this incredible functionality and ability to access critical files from anywhere, defending SharePoint and the data within it is one of the most vital jobs in the enterprise. In today’s digital landscape, cyber threats are ever-evolving, making it crucial to prioritize SharePoint data security....
Kaiser Permanente Data Breach Shows Not Every Data Loss Is Malicious
Malware & Ransomware Protection
5 min read
Data privacy and data protection legislation and regulatory regimes have become more common and more stringent in the past few years around the world. In Europe, the General Data Protection Regulation (GDPR) offers expansive penalties for noncompliance and regulates how companies should protect data as well as the rights of European citizens in terms of ownership over their data.
Healthcare companies in the U.S. that work with patient data have the H...
Limit Accidental SharePoint Data Loss With Better Security
Employees can be one of the biggest culprits of SharePoint data breaches. They don’t even need to be maliciously trying to steal data, simply accessing information that’s not necessary for their roles or copying data that they shouldn’t.
Accidental data loss, often stemming from user negligence or lack of awareness, can be just as damaging as a deliberate attack. Insider threats could end up costing around $15 million per incident on average, according to Code42 research. This is a significan...