A major Communications & Media company faced a large number of long-lived vulnerabilities in their service delivery network for which the asset owner was unknown. Without an asset owner for whom to turn for remediation, each day the situation was going from bad to worse. Their existing manual ownership identification processes were hopelessly overwhelmed by […]
Read MoreThis October, the National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) published the first of a four-part series of position papers called “Security Guidance for 5G Cloud Infrastructure.” The first part, “Prevent and Detect Lateral Movement,” outlines five actions to prevent threats while building and hardening 5G cloud infrastructure. Although this position paper is specifically […]
Zero Trust as a concept has become almost fashionable, if not perceived to be routine, with the consequence of setting an unrealistic expectation that it is a table-stakes capability for any organization serious about cybersecurity. In part this is driven by the natural erosion of the security perimeter as more users work from anywhere and […]
Organizations generally recognize the strategic importance of Diversity, Equality, Equity, and Inclusion (DEE&I), but often struggle to drive tactical change in this space without analytical controls and frameworks to drive and monitor progress. Learn more about the analytical methods business leaders should implement to drive meaningful change within the workplace, in DayBlink’s latest insight About […]
In response to the recent ransomware attack on Colonial Pipeline, the Biden administration recently issued an executive order on “Improving the Nation’s Cybersecurity.” This document addresses a series of ongoing cybersecurity concerns brought to light by the recent ransomware attack. The latest insight from DayBlink’s Cybersecurity Center of Excellence provides a brief summary and analysis […]
“We need metrics. What are our key performance indicators? How do we know if we’re doing okay?” Cybersecurity leaders often ask these questions to their security teams to no avail — or worse, to a labyrinth of spreadsheets, incongruent datasets, and a rudimentary business intelligence layer sitting over the top of everything. Learn more about […]
With the decision to divest a significant portion of their business, our client had to quickly review all balance sheet accounts to prepare for its eventual sale. As part of their assessment, they identified thousands of outstanding unprocessed intercompany transactions.
Containers are helping enterprises develop, deploy, and deliver their applications faster — providing greater agility and efficiency over traditional software development methodologies. While adoption is increasing rapidly, container security challenges are slowing container deployments in production. DayBlink’s latest position paper focuses on how to find the highest value and easiest to implement container security initiatives […]
Why using ‘P@55w0rd’ may not be as effective as you think and how to set better passwords. In 2018, British Airways announced that a major security breach had exposed the personal data of 565,000 customers. The airline confirmed that over a two-week period, hackers were able to gain access to names, addresses, email addresses, credit […]
Why Two-Factor Authentication is Quickly Becoming Obsolete 2 Factor Authentication (2FA), a form of Multi-factor Authentication (MFA) or Multi-Step Verification, adds another layer of security, supplementing the username and password model with a code that only a specific user has access to (typically sent to something they have immediately to hand). It has quickly become […]