SecOps IT Security & Compliance Blog

Delivering effective IT security and compliance means enabling Security and Operations teams to work effectively together. This is how IT can deliver what the business needs: secure and reliable IT services.

Learn about IT Security and Compliance in BMC's complete guide.

Top 5 Cyber Practices To Keep You Safe

BY

People assume that staying safe from cyber hackers requires a lot of money. While spending money in the right area is important, common sense features costing little to no money and are the most effective defenses to thwart a cyber attack. Let’s face it, no one is 100% safe from cyber hackers so each of us needs to be vigilant to protect our … [Read more...]

IT Security vs IT Compliance: What’s the Difference?

BY

For some IT professionals, the line between security and compliance becomes easily blurred and may seem like a moving target. How do we create comprehensive security programs while meeting compliance obligations? Is checking the compliance box really enough? And how does all this enable the business to function and move forward? These are questions … [Read more...]

Hacking the Internet of Things – It’s as Simple as ABC

BY

Gartner estimates that 8.4 billion connected things will be in use worldwide this year, up 31% from 2016, and will reach 20.4 billion by 2020. The Internet of Things is replete with cars, electronic appliances, heating and lighting systems, medical devices, pipelines, power meters, printers, sensors, routers, security systems, smart cities, … [Read more...]

The Future of Ransomware

BY

A few years ago, if the average person heard the term ‘ransomware’ they might have imagined the fashion ensemble of a kidnapper. Fast forward to today and most everyone one is now familiar with ransomware one way or another. Most ransomware infects target computers when unsuspecting users click on an attachment or link usually embedded in an email. … [Read more...]

Insider Threats: The Good, the Bad, and the Ugly

BY

Wikipedia describes an insider threat as "a malicious threat to an organization that comes from people within the organization, such as employees, former employees, contractors or business associates, who have inside information concerning the organization's security practices, data and computer systems. The threat may involve fraud, the theft of … [Read more...]

How to Make WannaCry a Non-event: Ransomware’s Got Nothing on Us

BY

The WannaCry vulnerability that impacted more than 150 countries and took down computer systems in UK hospitals, stopped train service in Germany, and disrupted institutions in Asia and other areas, is a dramatic example of what could have been prevented by a patch that was originally released about 60 days ago. In fact, most breaches are … [Read more...]