
Bite Size Security Blog
Always stay on top of cybersecurity trends, news about risks and regulations with the latest strategies that simplify your approach to dealing with them.
Blog
Breaking information risk management news and trends

Latest Updates
Building a Cyber Resilient Business in 2022 and Beyond
In 2022, businesses are still struggling to build an effective cybersecurity program to protect them from attacks. An ineffective cybersecurity program leaves them susceptible to data breaches, ransomware attacks, and other costly threats.
Cloud-native security: It’s time to get serious
A study by Canonical reveals that only 13.5% of IT pros surveyed have mastered security in the cloud native space. The study also explores the goals, benefits and challenges of cloud-native technologies; as well as the use of Kubernetes, bare metal, VMs, containers, and serverless applications.
Shifting 2022 priorities for CISOs in an evolving landscape
When you look at the landscape of cybersecurity, CISOs must always have their eyes open. It’s not an easy job to manage the security of an organization, no matter the industry or business type, or the size of the company for that matter. Every business has security risks…
Get ahead of remote work insider threat
Remote work makes insider threat a real challenge. SC Magazine interviewed David Reilly, the ex-CIO of the Bank of America, and he makes a clear case for why companies should address the situation sooner rather than later.
Local governments can overcome challenges with cyber insurance
Ransomware affects all types of organizations, including local governments. Cyber insurance is one of the options that is used to deal with these types of attacks. However, there is a clear need to look elsewhere for solutions due to rising cyber insurance costs and the challenges that local governments are facing with getting approved for cyber insurance policies that cover damages and potential needs for a ransomware attack.
The board and cybersecurity are a must with this new SEC policy
Everyone knows about the importance of having the board engaged with cybersecurity if you’re going to successfully implement anything security related. The latest proposal by the SEC (US Securities and Exchange Commission) requires publicly traded companies to disclose some of the details regarding cyber incidents, a company’s cybersecurity capabilities, boards’ cybersecurity expertise and details on how cybersecurity is overseen by the board.
Address CMS-based site security now
An effective cybersecurity posture looks at every way cyber criminals will attempt to get into your network and gain access to your data. One of these ways is CMS-based site attacks. There are reports showing that payment card skimmers are growing and exploiting WordPress websites.
Digital transformation cybersecurity steps that work
Successful businesses always want to provide the best value to customers and maintain optimal operations. This can’t be done without adopting digital transformation advances. Digital transformation has optimized all business processes, but it also keeps transforming due to the demands of consumers and the growth of the digital space.
Check security issues for your cloud environment now
The gaps in cloud security come from companies that made an immediate transition to a remote work environment, then moved back to a hybrid environment, and never really sat down to do cloud security assessments. While some companies may think that a cloud security posture management assessment service is the same as a security assessment service, it is not.
Stand out from the crowd by prioritizing cybersecurity compliance
Surveys by IBM over the years consistently show that companies are not prioritizing cybersecurity compliance and overall threats. This year was no different. 62% of companies consider cybersecurity a number one concern, with an additional 22% citing regulations and compliance in their top five…
CISO tips to address Log4j with the board successfully
With previous vulnerabilities CISOs have always addressed the board of directors in a certain way, but Log4j is different. The Log4j vulnerability requires a new approach that depends on comprehensive runtime analysis to detect, prioritize, and remediate all Log4j instances.
Details on the cyber breach reporting law
On March 15, 2022, President Biden signed into law the Cyber Incident Reporting for Critical Infrastructure 2022, included with the Consolidated Appropriations Act of 2022, which means mandatory breach reporting and no longer voluntary disclosures of cyber incidents. Read the article for the details.
It’s time to prepare
As Russia’s invasion of Ukraine continues, the U.S. CISA is warning of potential cyberattacks on U.S. infrastructure and businesses. Preparation is key to ensuring you stay operational and in business when global uncertainty increases the chances of cyberattacks.
New report reveals cyber attacker’s new playbook
When it comes to getting ahead of the cyber attacker’s new playbook, the recent “Global Threat Report” by CrowdStrike sheds some helpful light to get us going. A first look at the Report’s numbers shows that less malware, more interactive intrusions, and big game hunting lead the way.
Cybersecurity steps to get ahead of cyberattack trends
We can always do something about cyber risks and cyberattack trends, if we get ahead of them in the best way possible. This starts with knowing what you’re up against and then getting clear on the next cybersecurity steps to take so that you can match what you need to secure your business.
The Great Resignation’s impact on cybersecurity
Cybersecurity leaders leaving their jobs is quite problematic, because you cannot replace experienced security personnel with someone who has little or no experience without immediately upping your company’s risk of breach and overall insecurity.
What is new in cybersecurity services in 2022
2021 was still a significant challenge and 2022 looks to be more of the same. Cybersecurity and data privacy programs will be a major challenge for many organizations. Here’s what’s new in cybersecurity services that can help companies get cyber resilient and ahead of the new cyber threat landscape.
Cybersecurity checklist for Log4j vulnerability
The Log4j vulnerability puts any Java-based application or service at risk. As cybersecurity teams know, threat actors are always actively scanning the internet for vulnerable systems and any company that doesn’t take care of the zero-day vulnerability will be vulnerable to attack.
3-step checklist ransomware incident response plan for executives
As you saw from last week’s audit plan hot spots article, ransomware tops the list of concerns for 2022. You also noticed how the first half of 2021 had an exponential increase of ransomware attacks. To ensure you have something you can work with for cyber readiness with ransomware risks, we are giving you an executive 3-step checklist that can help you.
2022 audit plan hot spots for business executives
The pandemic brought about a lot of changes for businesses that executives were not expecting, in any way, shape, or form. No one could have prepared for what came because that is how unexpected it was for the whole world, but everyone did their best. Now that post-pandemic aspects are settling in (so to speak), plans for 2022 begin to take place and audit hot spots are on the agenda.