Let's Talk
Welcome to the EiQ Networks Blog

Driving Security Accountability through DevSecOps

Posted by John Linkous on Apr 25, 2017

For those of you who have been reading the EiQ Networks blog on a regular basis, you know that one of the most fundamental and unyielding tenets of the security world that we frequently point out is this: functionality and performance always – and we mean always – trump security.  For developers of new software products, hardware technologies and the emerging world of IoT, the ability to get to market as quickly as possible is the most important thing a company can do, because it gets them a market position that turns into revenue.  Because security isn’t generally perceived by companies that make commercial software and hardware as something on which people make buying decisions, it’s usually relegated to a last-minute “bolt-on”, or simply addressed after vulnerabilities are discovered by users and security analysts after the product is released.  Even after disclosure of vulnerabilities, many companies either ignore these findings or back-burner patches and fixes until the next major release of their product.  One of the “dirty little secrets” of the industry is that certain, specific vendors (we won’t name names here… but they know who they are) have had gaping holes in their products for months and sometimes even years.  Sadly, this behavior among many companies is not likely to change.

Five Ways to Stop DDoS In Its Tracks

Posted by John Linkous on Apr 4, 2017

Just a few weeks ago, security researcher and journalist Brian Krebs reported on the arrest of two men who were suspected of running “vDOS,” one of the most pervasive distributed denial-of-service (DDoS) paid service networks in the world.  DDoS as a subscription service is nothing new; vDOS was in existence for well over four years, and along with other services such as “PoodleStresser” were part of the nascent but rapidly-growing distributed denial of service-as-a-service market (“DDoSaaS” – how’s that for an acronym?)

3 Signs You Should Invest in Cybersecurity

Posted by Kevin Landt on Oct 6, 2016

Cybercriminals and IT security shouldn't be taken lightly. One breach can cost your company hundreds of thousands of dollars. If you're not sure whether your company needs to upgrade or completely revamp its cybersecurity practices, here are three warning signs that indicate it should:

 

"One breach can cost your company hundreds or thousands of dollars."

1. You Don't Understand the Target

IBM executive security advisor Diana Kelley, who co-authored the IBM study "Securing the C-suite," has over two decades of cybersecurity experience. Her company has 7,000 IT professionals protecting the organization from outside threats. But even Kelley recognizes that numerous executives, even at the most influential computer institutions such as IBM, don't take IT security as seriously as they should.

What Are the Most Common Cybersecurity Challenges?

Posted by Shawn O'Brien on Oct 5, 2016


Companies always have to keep their pulse on their IT security.

There are many types of cybercriminals, and the type of data they're searching for can vary. For example, the Congressional Research Service categorizes hackers into criminals, nation-state warriors, terrorists and "hacktivists," and each has their own objectives when performing cyber attacks.

 

As a business owner, manager or industry professional, it's critical to understand the common challenges that exist when trying to defend against these cybercriminals.

3 Cloud Security Myths

Posted by Shawn O'Brien on Sep 20, 2016

 

Security as a Service has rapidly become one of the hottest cybersecurity trends in 2016. The latest shift in this trend though is the cloud-based options that are available, specifically for the managed IT security services industry. This is primarily due the cost-saving benefits associated with cloud security. Even with this shift, however, there still remains many myths about cloud security. Based on an article by David Spark published on CIO.com called 20 of the Greatest Myths of Cloud Security, EiQ has chosen three of these myths that we believe IT security professionals need to forget about immediately in order to overcome the fear of cloud security and start reaping the benefits.

 

  1. The cloud is fundamentally less secure (in fact it might be safer!)
  2. More breaches occur in the cloud
  3. Maintaining cloud security is just too difficult

Why the Cloud Is Good for IT Security Services

Posted by Shawn O'Brien on Sep 19, 2016


The cloud offers greater IT services than on-premise solutions because it's highly secure.

Can IT professionals rely on the cloud to keep their data safe and secure like they did floppy disks, compact disks and flash drives? After all, for years those units were staple features of business operations and storage. Each of those items proved their worth, but eventually fell in favor to new technology. This time, it's the cloud.

 

"It's not a matter of managing IT security as it is ensuring a breach never happens."

The question today is whether IT professionals can trust the cloud to keep their data secure all the time. Data breaches are a major problem, especially in the banking industry, so it's not a matter of managing IT security as it is ensuring a breach never happens.

The High Cost of Not Doing Enough for IT Security

Posted by Security Steve on Sep 7, 2016

 

When it comes to cybersecurity, companies today typically have three options:

  • Do nothing or the bare minimum, and hope that cyber attackers don’t find you.
  • Keep your current cybersecurity posture as is, without consistent updating or monitoring (and hope cyber attackers don’t find you!).
  • Consider EiQ’s hybrid security as a service to identify threats and vulnerabilities, mitigate risk, and achieve compliance. 

Let’s look at each of these options.

Layered Cybersecurity Provides the Best Protection

Posted by Security Steve on Aug 18, 2016

 

One need only read the headlines to know how insecure company data and networks are these days. Just a few weeks ago, U.S. health insurer Banner Health informed 3.7 million customers and healthcare providers that their data may have been stolen. This has become a fairly common scenario as healthcare records and private data are traded openly on the black market. Thinking through all of the likely attack vectors, it seems almost impossible for organizations to completely secure their intellectual property, customer data, and other corporate records. For example, employees might not know that malware need not be downloaded in a file or executable but simply through clicking on an infected banner ad or even a link in social media. If an organization has a “bring your own device” to work policy, a mobile phone or tablet infected at home can spread easily malware to the corporate network.

Data Breach Alert: Yahoo Struck by Hacker “Peace” – 200 Million Accounts Affected

Posted by Shawn O'Brien on Aug 17, 2016

Another big name gets added to the list of 2016 data breaches. Yahoo, the multinational technology company, has its hands full as it deals with trying to confirm the possibility of a data breach. The infamous hacker that goes by the tag of “Peace” has listed a cache of what allegedly appears to be 200 million stolen Yahoo user accounts for sale on the Dark Web. Yahoo has already begun a thorough forensic analysis investigation to the determine the validity of the hacker’s claims and promises that it’s taking this breach "very seriously.” According to reports by Motherboard, the cache supposedly contains usernames, passwords, and dates of birth. At this time, the stolen user data is currently being sold for 3 Bitcoins, or around $1,860, and apparently contains records from “2012 most likely,” according to hacker Peace. Peace has also provided a way to unscramble the hashed credentials, making it easier for buyers to use the stolen information once they get their hands on it.

There’s More than Meets the Eye: Going Beyond Covering Your Laptop Camera

Posted by Shawn O'Brien on Aug 10, 2016

 

In June 2016, Facebook CEO Mark Zuckerberg made The New York Times for covering his laptop camera with tape. The following explains why individuals choose to block their webcam lenses, and why this cybersecurity technique is not enough.

Subscribe to Email Updates

How Prepared Are You to Battle Cyber Attacks?

Find out with EiQ's free cyber security readiness assessment!

Find Out Now!

Posts by Topic

See All