Let's Talk
Welcome to the EiQ Networks Blog

Driving Security Accountability through DevSecOps

Posted by John Linkous on Apr 25, 2017

For those of you who have been reading the EiQ Networks blog on a regular basis, you know that one of the most fundamental and unyielding tenets of the security world that we frequently point out is this: functionality and performance always – and we mean always – trump security.  For developers of new software products, hardware technologies and the emerging world of IoT, the ability to get to market as quickly as possible is the most important thing a company can do, because it gets them a market position that turns into revenue.  Because security isn’t generally perceived by companies that make commercial software and hardware as something on which people make buying decisions, it’s usually relegated to a last-minute “bolt-on”, or simply addressed after vulnerabilities are discovered by users and security analysts after the product is released.  Even after disclosure of vulnerabilities, many companies either ignore these findings or back-burner patches and fixes until the next major release of their product.  One of the “dirty little secrets” of the industry is that certain, specific vendors (we won’t name names here… but they know who they are) have had gaping holes in their products for months and sometimes even years.  Sadly, this behavior among many companies is not likely to change.

A Tale of Two Security Vendors

Posted by John Linkous on Feb 28, 2017

Over the past two weeks, the security industry has seen some disclosures (or in one case, a half-disclosure) of vulnerabilities within their products.  In at least two of these cases, we know that these vulnerabilities could have led to a significant compromise of data and systems.  But what’s really interesting about these two vendors is how they responded to the discovery.

David and Goliath Redux

Posted by John Linkous on Feb 21, 2017

In the story of David and Goliath, an underdog managed to win a contest against a much larger, stronger foe.  Looking at the state of information security today, a David-and-Goliath scenario is very much present; except David is the small and midsize business (SMB) market, and Goliath is the marauding horde of attackers, malware and other bad actors trying to break their systems and steal their data.  And just like in the biblical tale, SMB organizations are dealing with an opponent who seems impossible to defeat.

What Will be the Top Cybersecurity Threats in 2017?

Posted by Shawn O'Brien on Dec 31, 2016


Will cyberthreats will 2017 hold?

Cybersecurity is an ever-changing field. A threat that was huge ten years ago might not even be on the radar today. While it's impossible to predict the future, there are certain trends that will most likely continue into 2017. Let's take a look at some predictions for the new year. 

1. IoT-based DDoS attacks

One major threat that is looming on the horizon for 2017 is the use of distributed denial-of-service attacks. While these kinds of hacks have been around for quite some time now, the reason there will likely be a surge in 2017 has to do with the introduction of the Internet of Things.

Why a Cybersecurity Plan Should Be In Your 2017 Budget

Posted by Shawn O'Brien on Dec 28, 2016


Cybersecurity simply demands a portion of your yearly budget.

When planning out a budget for the new year, finding a place for cybersecurity can be difficult. You want to put that money toward new ventures, but you also know that a major breach can forever damage your reputation. 

To help those waffling between how much to put into digital defenses, let's review some of the biggest reasons having a plan is worth the time and money.

 

What Are PCI DSS Requirements for Retailers and Why Are They Important?

Posted by Shawn O'Brien on Dec 22, 2016


Card security has become a big problem for retailers.

While credit and debit cards are extremely convenient, they've also opened up a whole new world of fraud. This makes the systems that retailers use to process these payments seem like great targets for hackers, and organizations from every corner of the globe are scrambling to secure themselves against these threats.

One big solution to this has been the Payment Card Industry Data Security Standard. The PCI DSS is a regulatory code that tells companies how they can better defend themselves against attacks levied to steal card data. It's an important tool in the fight against fraud and should be strictly followed.

Top 3 Reasons to Outsource Your IT Security

Posted by Security Steve on Dec 21, 2016


Can an outside company help your organization's security infrastructure?

Many business leaders feel as if IT security should be a service that's kept in-house. While it's true that internal employees do need to be able to take steps to ensure the safety of company data, there are a host of advantages to allowing an experienced outside company to take the reins. 

So, what can your organization get out of outsourcing IT security? 

1. Your team may not be experienced enough

Although your IT employees are obviously very talented individuals, there's a good chance that cybersecurity isn't their main focus. While these workers surely know a good deal about this topic, it may not be enough to stop an impending cyberattack. 

How Does a Cardholder Data Breach Happen?

Posted by Vijay Basani on Dec 21, 2016


What happens when card security can't hold back the hackers?

Due to the fact that credit and debit card data can be used to anonymously purchase goods and transfer money online, this information has become highly sought after in the criminal underworld. Hackers are compensated generously for gaining access to these cards, and are therefore motivated to break into the systems that hold them. 

But exactly how do these individuals go about getting a hold of this information? Let's dive in: 

3 Reasons Why Retailers Need to Invest in Cybersecurity

Posted by Shawn O'Brien on Dec 20, 2016


Many retailers are struggling with cybersecurity.

As more services continue to move to an online environment, the importance of cybersecurity is being emphasized in every industry in the market. That said, certain sectors are feeling the pressure of this concern more than others, with perhaps the best example of this being retail organizations. 

The retail world has been repeatedly hit by cyberattacks in the past, and it doesn't look like hackers will be stopping anytime soon. It's imperative that company leaders in this field begin to prepare their businesses for the worst, so let's take a look at some reasons why retailers should beef up their current cybersecurity defenses.

Understanding the Increased Complexity of Cyber Threats

Posted by Vijay Basani on Nov 30, 2016


Cybersecurity is becoming increasingly more complex.

Is your company spending more and more money on trying to keep up with the increased complexity of cyber threats?

You're welcome to be alarmed (it's a perfectly normal response). But don't be shocked. Cybercriminals, who often have plenty of time and resources to devote to their craft, are constantly becoming more sophisticated. And companies typically have to spread their resources out to various departments, limiting their ability to fully secure themselves. Sure, most have IT teams (or at minimum a dedicated IT professional), but that doesn't mean they're completely capable of handling the complexity and vast amount of threats bombarding their servers.

Subscribe to Email Updates

How Prepared Are You to Battle Cyber Attacks?

Find out with EiQ's free cyber security readiness assessment!

Find Out Now!

Posts by Topic

See All