People is the most critical vulnerability in any organization

In this digital era, organizations do have world-class cyber security tools and certified experienced professionals to manage the technology to safeguard from any data breaches. Despite having adequate security controls and enforcement of IT security policies and procedures - we are still witnessing organizations compromised due to cyber attacks. Products are great, it solves most... Continue Reading →

CISO should redefine corporate security strategy

Evolution of the CISO The role for CISO has evolved in last two decades, In early year 2000 - organizations require security information officer to focus on regulatory compliance and interaction with external auditors and business stakeholders to define IT security requirements. They coordinate audits to ensure that business process are complaint. During the year... Continue Reading →

Decryption tool for the Maze ransomware

Ransomware is a type of malicious software cyber actors use to deny access to systems or data. The malicious cyber actor holds systems or data hostage until the ransom is paid. After the initial infection, the ransomware attempts to spread to shared storage drives and other accessible systems. If the demands are not met, the... Continue Reading →

Recommendations to adopt Zero Trust principles

Zero Trust is an end-to-end approach to network and data security that encompasses identity, credentials, access management, operations, endpoints, hosting environments, and the interconnecting infrastructure. 'Zero Trust Architecture provides a collection of concepts, ideas, and component relationships (architectures) designed to eliminate the uncertainty in enforcing accurate access decisions in information systems and services' NIST Operative... Continue Reading →

Part 3 : Zero Trust Network Access (ZTNA)

Zero trust network access is an IT security model that requires strict identity verification for every person and device trying to access resources on a private network, regardless of whether they are sitting within or outside of the network perimeter. In order to achieve this there is no single specific technology is associated with zero... Continue Reading →

Part 2 :Zero Trust Network Access (ZTNA)

Achieve Zero Trust Network Access (ZTNA) in an Enterprise network How to achieve zero trust network access in Internal network The security devices should have the below capabilities to achieve the ZTNA in inside networks. Ensure the network access and user access policies are restricted based on the business needs and only the intended users... Continue Reading →

Part 1 : Zero Trust Network Access (ZTNA)

Overview In a traditional security model assumes that everything on the inside of an organization’s network can be trusted, but given increased attack sophistication and insider threats, new security measures need to be taken to stop them from spreading once inside. Because traditional security models design to protect the perimeter, threats that get inside the... Continue Reading →

Deepfake – Seeing is no longer believing

What is Deepfake Deepfakes are fake videos or audio recordings that look and sound just like the real thing, today anyone can download deepfake software and create convincing fake videos in their spare time. Deepfakes exploit this human tendency using generative adversarial networks (GANs), in which two machine learning (ML) models duke it out. One ML model... Continue Reading →

Blog at WordPress.com.

Up ↑