Two incident response phases most organizations get wrong

5 mobile security threats you should take seriously in 2018 Email not displaying correctly? View it in your browser.

CSO Update Apr 19, 2018 Two incident response phases most organizations get wrong It's important to remember: Incident response isn't a thing, it's a process. Read More ▶ Your Must-Read Stories • 5 mobile security threats you should take seriously in 2018 • SamSam explained: Everything you need to know about this opportunistic group of threat actors • 4 open-source Mitre ATT&CK test tools compared • Ransomware, healthcare and incident response: Lessons from the Allscripts attack • Customers describe the impact of the Allscripts ransomware attack • What is cross-site scripting (XSS)? Low-hanging fruit for both attackers and defenders eGuide: Veritas eGuide: A Data Protection Toolkit Data protection is one of the most formidable challenges facing organizations today. Ransomware attacks that restrict access to important data until the attacker is paid are becoming increasingly common. Moving to the cloud is an option, but it's still important to have a disaster recovery plan in hand. And what about DRaaS? This toolkit aims to offer some ideas for grappling with data protection and disaster recovery. Read More ▶ 5 mobile security threats you should take seriously in 2018 Mobile malware? Some mobile security threats are more pressing. Every enterprise should have its eye on these issues in the coming year. Read More ▶ SamSam explained: Everything you need to know about this opportunistic group of threat actors The group behind the SamSam family of ransomware is known for recent attacks on healthcare organizations, but that's not its only target. Read More ▶ 4 open-source Mitre ATT&CK test tools compared Any of these tools from Endgame, Red Canary, Mitre, and Uber will get your red team and pentesters started with Mitre's ATT&CK framework. Read More ▶ Ransomware, healthcare and incident response: Lessons from the Allscripts attack The actors behind SamSam launched a devastating attack against Allscripts in January, 2018. As Allscripts worked its incident response plan, things started to unravel. Here are the lessons learned. Read More ▶ Customers describe the impact of the Allscripts ransomware attack A ransomware attack against a SaaS provider hurts customers, but when it's a healthcare company that's hit, patients suffer. Such was the case with January's attack against Allscripts, one of the largest electronic health record and practice management technology vendors. Read More ▶ What is cross-site scripting (XSS)? Low-hanging fruit for both attackers and defenders With XSS, attackers enter malicious code into a web form or web app URL to trick the application into doing something it's not supposed to do. Read More ▶ White Paper: Hitachi ID Systems, Inc. Securing Privileged Access with Hitachi ID Privileged Access Manager (PAM) Privileged accounts, like their name suggests, are accounts designed to provide broad access to systems and data. They are an integral part of every IT infrastructure and play a key role in a large variety of day-to-day operations. Read More ▶ CSO Insider 1. 14 top tools to assess, implement, and maintain GDPR compliance 2. What are the GDPR requirements? 3. Third-party security vetting: Do it before you sign a contract 4. Separation of duties and IT security 5. Review: Bricata adds threat hunting to traditional IPS/IDS Editor's Picks 1. Rogues' gallery: 7 insiders who breached security 2. Why you don't need an RFID-blocking wallet 3. The 6 best password managers 4. 8 hot cyber security trends (and 4 going cold) 5. The 10 Windows group policy settings you need to get right

You are currently subscribed to CSO Update as jonsan98@gmail.com. Unsubscribe from this newsletter | Manage your subscriptions | Subscribe | Privacy Policy Learn more about Copyright © 2018 CSO Online, 492 Old Connecticut Path, Framingham, MA 01701 Please do not reply to this message. To contact someone directly, send an email to newsletters@idg.com.