SecOps IT Security & Compliance Blog

Delivering effective IT security and compliance means enabling Security and Operations teams to work effectively together. This is how IT can deliver what the business needs: secure and reliable IT services.

Learn about IT Security and Compliance in BMC's complete guide.

The Future of Ransomware

BY

A few years ago, if the average person heard the term ‘ransomware’ they might have imagined the fashion ensemble of a kidnapper. Fast forward to today and most everyone one is now familiar with ransomware one way or another. Most ransomware infects target computers when unsuspecting users click on an attachment or link usually embedded in an email. … [Read more...]

Insider Threats: The Good, the Bad, and the Ugly

BY

Wikipedia describes an insider threat as "a malicious threat to an organization that comes from people within the organization, such as employees, former employees, contractors or business associates, who have inside information concerning the organization's security practices, data and computer systems. The threat may involve fraud, the theft of … [Read more...]

How to Make WannaCry a Non-event: Ransomware’s Got Nothing on Us

BY

The WannaCry vulnerability that impacted more than 150 countries and took down computer systems in UK hospitals, stopped train service in Germany, and disrupted institutions in Asia and other areas, is a dramatic example of what could have been prevented by a patch that was originally released about 60 days ago. In fact, most breaches are … [Read more...]

10 Surprising Findings about Operationalizing Security

BY

The news headlines and social media comments about IT security vulnerabilities remain consistent – and they may cause you to take a closer look at what can be done to protect your organization. It seems like "another day, another data breach, another cyber attack, and another failed security audit." Fortunately, there are steps you can take to … [Read more...]

How SecOps Response Service Addresses WannaCry Ransomware

BY and

So, CVE-2017-0144 https://nvd.nist.gov/vuln/detail/CVE-2017-0144, a vulnerability that was identified about two months ago (published Mar 16 2017), is now being widely exploited in the wild, most visibly impacting hospitals in the UK’s National Health Service to the point that they’ve had to redirect incoming patients to other facilities. This … [Read more...]

Vulnerability Remediation – to the Cloud and Beyond!

BY

Understanding and managing risk Security teams often use a variety of vulnerability management and response tools to assess and address the vulnerability situation across the organization, frequently using different sets of tools for different environment types.   This often makes getting a single picture of the current risk profile difficult as … [Read more...]