|
Dear Reader,
Welcome to the first newsletter of Cyber Protection Magazine. In our newsletter, we provide you with the most interesting articles on cybersecurity topics on a regular basis. We will not be focusing on product announcements or run after trending headlines, but will suggest articles which provide insight, background and practical knowledge of cybersecurity.
If you have feedback for us, think we have overlooked an important topic or for any other comment you might have, you're welcome to contact us.
For this first newsletter, we have something special for you: a coupon which gives you 15% off all website purchases at our partner Sectigo - one of the first benefits you can enjoy for subscribing. That being said, enjoy our first newsletter.
Best regards
Patrick Boch & Lou Covey
Editors |
| |
CDR
We did a deep dive into Content Disarm and Reconstruction (CDR) in the first quarter of the year with a podcast, a virtual round table, and two contributed articles from leaders in the sector. It’s been around a long while but is becoming a crucial way to protect networks by identifying malware embedded into content on websites, emails and social media.
The holy grail of cybersecurity is to protect networks and data so completely that users never notice it’s being done. We aren’t there yet, but as CDR becomes ubiquitous it might just get us there. |
| |
|
How CDR improves file security |
|
CDR technology is rapidly becoming one of the most sought-after market segments in cybersecurity. Which is not surprising, given the benefits of CDR - read how CDR improves files security… |
|
|
| |
|
CDR is a crucial security tool… that no one knows about |
|
Securing an organization's data isn't easy, and the various products and services dedicated to the process make it even more difficult to know what to do. A relatively tiny section… |
|
|
| |
|
Virtual Roundtable: Artificial Intelligence in Detection and Response |
|
XDR, SIEM, SOAR - there's a ton of acronyms which, in essence, deal with threat intelligence. Are you confused yet? We certainly were and tried to set the matter straight… |
|
|
| |
Zero Trust doesn’t exist, at least not in the supply chain
Zero Trust is the favorite buzzword of the cybersecurity industry marketing departments. And like many buzzwords, it lacks a lot of substance. In a podcast with Warren Savage, University of Maryland researcher in securing the supply chain said it’s more like the best we can hope for is almost zero trust. Kamel Heus, VP EMEA at Centrify Corporation, backs up that assertion in his contributed article. "At the heart of the matter is a sobering truth that hackers …walk in through the front door by using weak, default, stolen, or otherwise compromised credentials.”
We plan on looking deeper into this as new reports are demonstrating just how far we have yet to go. Garner research shows that through 2022 it is expected that 95 percent of security breaches were due to employees bringing in unprotected and infected devices into a network. Firemon, a network security policy platform conducted a webinar on audits of network sectors and found that 50 percent of network endpoints in the financial sector alone are unknown to IT. That warrants some investigation. |
| |
|
Zero Trust - Why There’s No Time To Waste |
|
Most of the users of any given computer system are not humans, but machines, often transmitting and receiving sensitive data. A good Zero Trust strategy should focus on both humans… |
|
|
| |
|
|
|
Supply chain headaches abound along with potential fixes |
|
This interview with Warren Savage, guest researcher at the University of Maryland in IoT security is a follow up to an interview I did with him last year at the @DesignCon conference in Santa Clara. |
|
|
| |
| |
|
Yay! Finally! A Way to Secure the Supply Chain!
And because we know there are other publications offering good content, we offer this column from EEJournal. Clive Maxfield tackles a novel way to secure global supply chains. |
| |
Women in Security
One of the reasons we began Cyber Protection Magazine is to make the industry more attractive to marginalized people in the workforce, which includes people of color and women, primarily. It’s a technology niche that has more job openings than any others, which means those marginalized folks have better opportunities for well-paying, upwardly mobile and management positions. Back in March, for international Women’s Day, we interviewed Martha Chrysander, the head of product marketing for the LogPoint CTO Office. She is responsible for products’ go-to-market strategy, customer engagement and industry leadership to increase product sales and the visibility of LogPoint solutions and their benefits. She’s got a compelling argument why women looking for careers in technology would first consider cyber security.
But we don’t want to just have a token interview on the subject, so we are actively promoting the WomenTech Global Conference (#womentech), a virtual conference for women in tech, minorities and allies from all over the world. |
| |
|
Women in Cybersecurity: Interview with Martha Chrisander |
|
For today's international women's day we interviewed Martha Chrisander of LogPoint. Why are there so few women in cybersecurity, we wondered - read her answer here: |
|
|
| |
SASE is not just an envelope
To millions of people in the direct mail world, SASE stands for “self-address, stamped envelope” which are used by mass marketers and governments to encourage recipients to respond by snail mail. The security world however has adopted it for “secure access service edge”. In an extensive interview with Nathan Howe, a 20 year security veteran currently working as a cloud security specialist for Zscaler, we got deep in the weeds on the subject. Just to make sure you can fallow along, some of the alphabet soup discussed includes, software-defined networking in a wide area network (SD-WAN) cloud access security broker (CASB), and network accessed storage (NAS)
This is important for those millions who use an SASE to pay utility bills because as computing moves into the cloud, keeping it secure requires a certain set off practices and tools that make up the Secure Access Service Edge. |
| |
|
The benefits of Zero Trust for on-premises scenarios |
|
What is Zero Trust? Although Zero Trust offers a host of benefits for enterprises, many companies struggle to figure out where and how to start. We spoke with Nathan Howe… |
|
|
| |
|
Finally, as promised, here is the coupon for Sectigo:
CyberProtectionMag2021
Thanks for reading and if you liked our newsletter, please share it with friends and colleagues. |
| |
|
