154 Results Found
Whether you are operating a home system, overseeing a small startup, or performing security governance for an enterprise, everyone can benefit from paying attention to security. This white paper provides a list of 10 security tools and tests that will help you check out suspicious issues and keep ahead of new risks and threats.
Cybersecurity professionals are in hot demand, and it’s not out of reach to become one. Learn why a career in cybersecurity can be a fulfilling and smart career move.
The flexibility, reduced cost, and mobility of cloud computing have made the concept a hot topic. Before implementing this method of computing, however, it is important to consider the security of the "cloud." In this white paper, you will learn some of the risks and benefits of cloud computing to be sure it is the right solution for you.
Security is complicated, which has led to the many misconceptions and misunderstandings about security. By paying attention to these 10 concerns that security experts want you to know, you can gain knowledge and understanding about security and be securer both at work and in your personal life.
Many security breaches over the last year have taught us new lessons (or clarified ones we should have already learned). This paper reviews these key issues and focuses attention on 10 responses that we all need to adopt in our approach to security in 2015.
Private networks are under constant threat of attack, even when steps have been taken to "secure" them. The large volume of malicious codes, and their ability to evolve and adapt, requires security professionals and common computer/internet users alike to be mindful of their actions and constantly play defense. This white paper focuses on 10 common ways that malicious code can penetrate a network. Knowledge of these methods and the ability to recognize them are the first steps in preventing them from succeeding in harming your network.
IT departments have multiple opportunities and challenges as a result of the Bring Your Own Device (BYOD) invasion. The most common opportunity is to reinforce enterprise network security from both the inside and the outside. Supporting BYOD also offers more monitoring and tracking of activities that provide a more detailed view of network traffic flow. Alternatively, it will be a challenge for some IT departments to give up control over which devices may access their enterprise network. Another challenge will be to have the users doing configurations for network access, which adds human error to a crucial part of the process. The opportunities and challenges BYOD represents are real. Enterprises must make their network infrastructure BYOD ready to meet the onslaught.
Which mainstay certifications should be in your list of credentials? What's the next up-and-coming certification? This article will help you answer both questions by providing a review of the 15 top-paying certifications.
ISACA certifications are some of the most popular and highest-paying in the Global Knowledge 2019 IT Skills and Salary Report. Eleven percent of IT professionals in the United States and Canada are ISACA-certified, and their salaries are 12% above the North American average.
Gaining access is the most important phase of an attack in terms of potential damage, although attackers don’t always have to gain access to the system to cause damage. For instance, denial-of-service attacks can either exhaust resources or stop services from running on the target system. Stopping a service can be carried out by killing processes, using a logic/time bomb, or even reconfiguring and crashing the system. Resources can be exhausted locally by filling up outgoing communication links.
Cybersecurity has matured into a complex and diverse set of functions. Each of these functional specializations represent different roles requiring different knowledge, skills, and abilities.
The Target breach exposed the credit card information of 40 million customers and made huge international headlines. But, the entry point should have been the real story. No matter how solid a company’s cyber defense, they have to be concerned with their entire cybersecurity exposure, including supply, partner and support chains. In the Target case, there were errors throughout. It was a breach waiting to happen.
It should come as no surprise that in this modern era of digital data we need encryption. But what exactly is it? How do you know what kind of encryption you need? If you were to ask someone what kind of encryption they use, they may respond with a specific encryption-based product, like full-disk encryption. Or they may mention an encryption-based protocol, like HTTPS (HyperText Transport Protocol over SSL). But encryption is much more complicated than that.
There are several advantages to implementing a route-based VPN (a.k.a. tunnel interface VPN) instead of a site-to-site one. Learn more.
The subject of this week’s post was actually prompted by a question from a former colleague. Soon after the PIX Firewall added support for IPSec Virtual Private Networks, a command was added to the command-line, sysopt connection permit-ipsec. This command was subse...
With Forrester Research declaring "Waterfall processes have become obstacles to speed, quality and predictability," and more than 85% of CIO's surveyed by CIO Magazine using or planning to pursue Agile practices in 2014, this one-hour webinar will explore the basics of Agile and why so many organizations are adopting Agile methods.
The Global Knowledge IT Skills and Salary Report is a window into the inner workings of IT departments, revealing insights and opinions held by professionals around the world. For 10 years, we have surveyed over 120,000 men and women in IT about the state of the industry. With a decade of data at our fingertips, we analyzed 10 years’ worth of reports and noticed four major trending areas: certifications, salaries, cloud computing and cybersecurity.
I recently was presented with the challenge of logging ALL of the pertinent connection, disconnection, and termination messages associated with the Cisco SSL AnyConnect client without overwhelming the syslog capture display with extraneous messages. This blog will br...
Constant change in the technology landscape has been mirrored by the steady evolution of information security. The current information system environment is increasingly complex, comprising storage, servers, LANs/WANs, workstations, Unified Communications, Intranet, and Internet connections.
With Microsoft SQL Server 2016, you can distribute your data to the cloud using the Stretch Database feature to improve local access while allowing cloud access to large amounts of historical data. You can also provide transparent end-to-end security using Always Encrypted technology and track changes automatically through temporal data. Download this white paper to learn why these features and more make SQL Server 2016 Microsoft's most important release to date.
As any network administrator will tell you, the ASA Security appliance (as well as its forerunner, the PIX) are capable of generating massive amounts of log messages, especially when the firewall/security appliance is set to log messages at debug level to the syslog...
Understand how password length and complexity can make your passwords easy to guess or virtually impossible to bypass.
Projects are a social endeavor. Traditional project management approaches have shied away from the social advantages a more agile project environment brings. By nature, we are storytelling, pattern seeking and social people. We need colocation to shine truly in a project environment.
CompTIA has become one of the most recognized and respected names in IT certifications, from the first A+ back in the 1990s to today with over a dozen vendor-neutral certifications covering a variety of topics. At first glance, it may seem daunting trying to figure out which certifications you should pursue and what it takes to pass the exams. But do not fear! CompTIA has streamlined their certification process. Let this white paper be your guide along your CompTIA journey. We will explain the certifications, the order to take them, how to prepare for the exams and the details of the testing experience.
Despite advances in security, hackers continue to break through network defenses. In this hour-long webinar, network security specialist Catherine Paquet will examine the favorite methods and targets of hackers and will introduce you to the different categories of security technologies. In this foundational presentation, you will learn about the benefits of security solutions such as firewalls, VPNs, IPS, identity services and BYOD.
Business Continuity and Disaster Recovery (BC/DR) planning is the process of developing the plans, processes and procedures to respond to the range of incidents. We start with understanding the essential functions of an organization, called Business Impact Analysis (BIA). In life, we set the same priorities: protection of family and friends, shelter, food and water and other life-giving essentials.
Agile is a set of principles requiring a significant cultural shift, new paradigms in thinking and team organization. Over the years, Agile has become "productized" or in many cases "institutionalized", creating different flavours and levels of commitment among teams and organizations. Along the way, managers and team members have lost sight of Agile's principles and tried to enforce the use of certain tools and structure where they may not belong. In this one hour webinar, Perry McLeod will explain how tools such as use cases can be successful in an agile environment, provided the principles of agile are always active in the minds of the managers and the team members that are using them. Join Perry to determine whether or not making the cultural shift towards the use case method in an agile environment is the right move for you and your organization.
The value of IT certifications has grown considerably over the last decade. Examine the evolution of certification trends, see the top-paying certifications and learn how decision-makers are struggling to hire certified employees.
(ISC)2’s CISSP (Certified Information System Security Practitioner) is a widely desired indicator of cybersecurity knowledge, experience and excellence on the resume of many IT professionals. Learn how to prep for the most comprehensive and in-demand cybersecurity certification.
This white paper discusses the importance of the CISSP certification, identifies the changes in topics, reveals the complexity of the new testing format, and provides guidance for your preparations towards successfully passing the CISSP exam.
In spite of an organization's best efforts to prevent downtime and avoid compromises, failures will still happen from time to time. “There are only two types of companies: those that have been hacked, and those that will be. Even that is merging into one category: those that have been hacked and will be again,” (FBI Director Robert Mueller). So what is your organization doing about it? How do you plan for failures and security breaches?
Consider how many financial transactions are performed on the Internet everyday. Protecting all this data is of upmost importance. Cryptography can be defined as the process of concealing the contents of a message from all except those who know the key. Cryptography can be used for many purposes, but there are two types of cryptographic algorithms you need to understand, symmetric and asymmetric. Symmetric uses a single key, whereas asymmetric uses two keys. What else is required to have a good understanding of cryptography? It’s important to start with an understanding of how cryptography relates to the basic foundations of security: authentication, integrity, confidentiality, and non-repudiation.
Course director Jim Thomas explains how our custom labs, which utilize external hosts, ISR routers, and DMZ, provide a real-world environment for students.
Discover the ways in which cybercrime occurs in three realms: individual, business, and governmental. Learn what you can do to protect yourself and your organization.
When trying to keep your intellectual property safe, the right cybersecurity framework is important. Gain a general overview of different cybersecurity frameworks and why they matter to your organization.
You have spent money on software and hardware, implemented best practices, and believe you are secure, right? You may have overlooked the weakest link: your employee. Many breaches occur as a result of an employee mistakenly clicking on a link or visiting a site that allows a virus to be unknowingly downloaded, giving hackers access to your network. Today, a well-trained workforce is a necessity and may even be your most important cybersecurity tool. In this webinar, security expert David Willson will discuss how many breaches have occurred and are occurring, the tools and techniques hackers use to trick employees into clicking on links or opening attachments, and how to prevent such behavior.
Everything from wearables and smart homes to drones and ad blockers could be increasingly susceptible to hackers in 2016, according to cybersecurity expert James Michael Stewart. In this white paper, Stewart predicts that a wide range of disastrous data breaches will occur this year as hackers have adapted to the latest technologies to automate attacks on today's devices and software.
This video focuses on the roles and responsibilities of cybersecurity architecture and policy job functions at successful cybersecurity organizations.
This video focuses on the roles and responsibilities of cybersecurity data loss prevention engineers at successful cybersecurity organizations.
This video focuses on the roles and responsibilities of governance, risk, and compliance job functions at successful cybersecurity organizations.
This video focuses on the roles and responsibilities of identity and access management job functions at successful cybersecurity organizations.
This video focuses on the roles and responsibilities of incident response and forensic analysis job functions at successful cybersecurity organizations.
This video focuses on the roles and responsibilities of penetration testing job functions at successful cybersecurity organizations.
This video focuses on the roles and responsibilities of secure devops and devsecops job functions at successful cybersecurity organizations.
This video focuses on the roles and responsibilities of secure software development job functions at successful cybersecurity organizations.
As an IT professional you deal day in and day out with securing operating systems, patching software, installing and configuring firewall and routers But what about the physical infrastructure? Do you understand how simple techniques can allow theft of your company resources? In this session we will discuss how to reduce the possibility of loss of data and equipment. Physical security may not be part of your job but you should be aware and having discussions with the personnel who are responsible. Or does Physical Security become one of your job responsibilities? Come to this session and learn about one of the most important and yet least thought about areas of security by IT professionals.
Experts agree that as long as there is data, there will be people trying to steal it. For every defense mechanism put in place, there is someone who will find a way to get around it. Constant vigilance, education of the workforce, and management support are all necessary to implement effective security policies. While a well-trained IT staff is key to protecting data, all employees must understand the importance of protecting company assets, including data.
A mobile phone is just like a small computer, that can be hacked. Learn basic mobile phone security practices to lock down this potential entry point to your corporate systems.
Despite a growing awareness and preparation for distributed denial-of-service (DDoS) attacks, the overall arc of DDoS attacks is not weakening, but actually gaining more attention from the companies and personnel who have experienced these threats first-hand.
A 60 minute, interview style webinar with Tejas Vashi of Learning@Cisco to discuss network security trends, risk mitigation and the recently released Cisco Cybersecurity Report. As organizations go through digital business transformation, attack surfaces are increasing, making it more difficult for Enterprises to secure today’s networks and proactively mitigate security breaches. Businesses and IT security professionals must focus on their most important goal: establish a secure communications environment. Join us to hear from Tejas Vashi, Senior Director of Learning@Cisco’s Product Strategy & Marketing, about key trends from Cisco’s latest cybersecurity industry research, the security challenges organizations face today, and what they can do to mitigate the risks.
Cloud computing enables development teams to get applications into production faster. IT Service Management (ITSM) leaders must adopt new strategies and change existing processes or risk becoming a barrier to success. Cloud computing requires DevOps-the blending of development and operations with the goal of accelerating time-to-market and reducing time-to-value. The good news is that ITIL® is uniquely positioned to accelerate DevOps, but it requires changes to existing ITSM processes.
VPNs and firewalls are highly recommended security solutions that can be used to protect your IT assets from threats and they are essential elements of both business networks and personal device connections. Learn more about the different kind of firewalls, benefits of VPN use and general deployment recommendations.
If you've ever found yourself jumping through a series of ever-smaller hoops in order to design security groups and folder hierarchies that let you control file system access the way you want, Dynamic Access Control could be an eminently useful feature. The built-in Active Directory attributes and resource properties are a great start, and eventually you can create your own and build access control rules that match your needs exactly. The promise of the File Classification Infrastructure that got our attention back in 2009 has evolved into a practical reality for building almost any access control scheme you can dream up.
A Dynamic Multipoint Virtual Private Network (DMVPN) can be used with other networks like Multiprotocol Label Switching (MPLS), but streaming multicast is accomplished quite well using "Default" and "Data" Multicast Distribution Trees (MDTs) with MPLS.
This quick reference guide will highlight the various certification tracks to help you find your path through the EC-Council programs.
There are two types of networks: those that have been hacked and those that will be. To defend against hacks, cyber professionals can benefit greatly from ethical hacking programs.
The CISSP (Certified Information System Security Practitioner) certification exam update in 2018 included a modest revision of the topics and a significant change to the testing process. Preparing for the CISSP exam has become more challenging. Here's everything you need to know about the changes.
A feature common to IPSec Virtual Private Network implementations throughout the Cisco product line is Perfect Forward Secrecy (PFS). This optional additional component is now a default supplied configuration setting with the Adaptive Security Device Manager (ASDM) I...
Global Knowledge instructor Doug Notini discusses the benefits of our FIREWALL 2.0 - Deploying Cisco ASA Firewall Solutions course.
Mobile payment systems have solid promise to become the dominant means of financial transactions, but there are some hurdles to overcome. Apple Pay might be the dominant force today, but Google Wallet and others are not far behind. The year 2014 was when digital and mobile payment systems became known to a wide range of the general population, while only techno-enthusiasts were aware of the options in the four to five years prior. Thus, mobile payment systems are not new, but customers and merchants are quickly adopting them now that they have become popular. It still remains your responsibility to thoroughly research any mobile payment option before implementing it. It is your money and you have the burden of ensuring that it has the best protection possible.
Securing corporate information can be a challenge, considering the numerous technologies and platforms that need to be protected. One technology that definitely helps achieve secure data is public key infrastructure (PKI), which enhances the security of data by using advanced access methods and making sure the authenticity of the data flow is preserved.
Google takes security to a whole new level thanks to their years of experience as one of the most popular targets on the internet for would-be hackers and denial of service bots. This led Google to build a sophisticated security infrastructure the likes of which few companies or organizations can claim. Google approaches security holistically and involves everything from the physical data centers, to the data pipelines between them, down to the training of each employee that is responsible for managing the infrastructure.
Whether you’re a beginner or intermediate Python developer, you’ll want to keep this guide close to your keyboard and Python editors. In it, you’ll find sample use cases for many of the most common language constructs and tasks that you’ll likely need to perform, such as reading a file or working with a database.
Your business has been hacked, leaving you with a persistent bot; now what? In this hour-long webinar, security expert David Willson will discuss ways you can eliminate the threat in an act of self-defense or defense of property. As new laws are explored, old ones amended, and solutions sought, you'll take a look at thinking outside the box to give the good guys the advantage-or at least a fighting chance.
Discover why healthcare organizations must take an immediate active role in securing their data. It is much more costly, monetarily as well as with regard to reputation, for an organization to react to a breach rather than plan for it.
Cybersecurity is a top technology investment area around the globe, with over half of our survey respondents saying it’s a priority. It’s no longer a niche skill—every IT professional needs some cybersecurity knowledge.
A firewall is a security tool which may be a hardware or software solution that is used to filter network traffic. Understand the basic functionality of a firewall where traffic is blocked or allowed to enter the network.
Planning for a cyber disaster makes recovering from one much easier. Still, as important as disaster planning is, it's often overlooked or put off until it is too late. In this webinar, Global Knowledge instructor Debbie Dahlin discusses planning for the unexpected -- whether the unexpected means a simple power outage, a network security breach, or a major natural disaster. She'll discuss risk analysis and risk management techniques and explain the importance and process of creating a business continuity plan. Using a fictional company as an example, Debbie will walk you through the disaster planning process a security professional should use, and she will provide simple tricks to reduce your company's downtime before, during, and after a disaster.
This Certification Prep Guide provides an overview of ISACA’s Certified Information Security Manager (CISM) certification and offers helpful tips that you can use when preparing for your CISM certification exam.
Based on the insight and relationships developed over many years, Global Knowledge has developed a best practices model of a superior cybersecurity organization—bringing our research and experience to bear and validating against hundreds of organizations, from the largest to the smallest. In studying world-class cybersecurity organizations, Global Knowledge discovered several critical characteristics that successful cybersecurity organizations all seem to share. So how does an organization like yours build a winning cybersecurity team? Let’s find out.
For every organization, effective cybersecurity is reliant on a careful deployment of technology, processes and people. The Global Knowledge cybersecurity perspective features a three-tiered organizational matrix, ranging from foundational to expert skills, coupled with eight functional specializations that encompass the features of a successful cybersecurity organization.
An incident is an event that could lead to loss of, or disruption to, an organization's operations, services or functions. Understand how an incident response team prepares, plans, and responds to a security breach.
The goal of risk management is to reduce risk down to an acceptable or tolerable level. Understand countermeasures, safeguards, and security controls that can be selected to eliminate or reduce risk.
Managing users' access to an organization's resources via portals is convenient with IBM's WebSphere Portal Scripting Interface. Compare tools available to the portal administrator and identify some use cases where IBM's Portal Scripting Interface may be the ideal choice. Review basic commands and find out how to create custom scripts.
Have you been afraid to implement PowerShell in your environment because of security fears? The reality of PowerShell security doesn’t always match the perception. When compared to other scripting languages, PowerShell is actually more secure by default.
Have you ever Googled yourself to see how much of your personal information is online? In many cases it can be pretty scary and include things like your home address, phone number, likes, dislikes, etc. One young man searched for himself and found all of his banking information online. In that case it turned out to be a mistake by a bank employee, exposing the banking information of 86,000 customers.
Times are changing. Attacks are becoming much more sophisticated and hackers are exploiting human vulnerabilities to gain access to enterprise networks and private information. Employees and end users want to help protect your company's sensitive data, we just need to motivate them as to why they should care. By educating your employees on security best practices and current human vulnerabilities, you can take a step forward to ensuring you're not a part of the many organizations that are breached.
In this hour-long webinar, Global Knowledge course director Brian Egler will examine key new features of Microsoft SQL Server 2016 that demonstrate how it provides automatic end-to-end security, seamless generation of business analytics and elastic integration of data in the cloud.
Database Management Systems (DBMS) have been monolithic structures with their own dedicated hardware, storage arrays, and consoles. Amazon Web Services (AWS) realized that while each company can use unique methods of collecting and using data, the actual processes of building the management infrastructure are almost always the same. AWS remedies DBMS problems with its Amazon Relational Database Service (Amazon RDS).
Should an organization that is the victim of an intentional nefarious hacking activity resort to retaliation? It’s a question that has been gathering a lot of attention. Retaliating against bad actors might seem appealing, but what are the legal ramifications? In this article, find out if there is a legal precedent to "hacking back."