A few years ago, if the average person heard the term ‘ransomware’ they might have imagined the fashion ensemble of a kidnapper. Fast forward to today and most everyone one is now familiar with ransomware one way or another. Most ransomware infects target computers when unsuspecting users click on an attachment or link usually embedded in an email. … [Read more...]
SecOps IT Security & Compliance Blog
Delivering effective IT security and compliance means enabling Security and Operations teams to work effectively together. This is how IT can deliver what the business needs: secure and reliable IT services.
Learn about IT Security and Compliance in BMC's complete guide.
It’s no surprise that when Security and Operations (SecOps) are more closely integrated, they are in a better position to minimize risk and ensure compliance while keeping up with the demands of digital business. For example, when security sends scans of vulnerabilities over to IT Operations for remediation, operations people can more quickly … [Read more...]
Wikipedia describes an insider threat as "a malicious threat to an organization that comes from people within the organization, such as employees, former employees, contractors or business associates, who have inside information concerning the organization's security practices, data and computer systems. The threat may involve fraud, the theft of … [Read more...]
In today’s world, data and protecting that data are critical considerations for businesses. Customers want to ensure that their information is secure with you, and if you can’t keep it safe, you will lose their business. Many clients with sensitive information actually demand that you have a rigid data security infrastructure in place before doing … [Read more...]
The clock is ticking As digital business expands and consumers increase their online activities, protecting privacy and ensuring security is more important than ever. The EU General Data Protection Regulation (GDPR) becomes effective in May 2018, with new regulations to meet these challenges. If you conduct business with EU customers, you’ll … [Read more...]
The WannaCry vulnerability that impacted more than 150 countries and took down computer systems in UK hospitals, stopped train service in Germany, and disrupted institutions in Asia and other areas, is a dramatic example of what could have been prevented by a patch that was originally released about 60 days ago. In fact, most breaches are … [Read more...]
The news headlines and social media comments about IT security vulnerabilities remain consistent – and they may cause you to take a closer look at what can be done to protect your organization. It seems like "another day, another data breach, another cyber attack, and another failed security audit." Fortunately, there are steps you can take to … [Read more...]
So, CVE-2017-0144 https://nvd.nist.gov/vuln/detail/CVE-2017-0144, a vulnerability that was identified about two months ago (published Mar 16 2017), is now being widely exploited in the wild, most visibly impacting hospitals in the UK’s National Health Service to the point that they’ve had to redirect incoming patients to other facilities. This … [Read more...]
Understanding and managing risk Security teams often use a variety of vulnerability management and response tools to assess and address the vulnerability situation across the organization, frequently using different sets of tools for different environment types. This often makes getting a single picture of the current risk profile difficult as … [Read more...]
An accelerating vulnerability landscape As organizations work to accelerate their digital transformations and infrastructure becomes increasingly more dynamic, security vulnerabilities continue to be a major concern. Taking into account the sheer number of known vulnerabilities, it is becoming increasingly difficult to effectively manage the … [Read more...]