Skip to content
NGTEdu Logo

NGTEdu

A PRODUCT OF NGTECH.CO.IN

NGTEdu Logo

NGTEdu

  • Home
  • Cyber Attacks
  • Malware
  • Vulnerabilities
  • Data Breach
  • Home
  • Cyber Attacks
  • Cybersecurity Challenges: Understanding the What, How and When of Change
  • Critical Vulnerability
  • Cyber Attacks
  • Data Breach
  • Malware
  • Vulnerabilities

Cybersecurity Challenges: Understanding the What, How and When of Change

5 years ago John Hunkeapillar
Cybersecurity Challenges: Understanding the What, How and When of Change

I subscribe to a newsletter from Gary Burnison, CEO of Korn Ferry.

His messages address a wide variety of career and personal issues in a thoughtful and educational manner. A recent Special Edition message was titled Exceeding Potential. It specifically addressed how opportunities present themselves and how to view and leverage them.

He closed his message with this statement:

It’s true that leaders are in the “what,” “how,” and the “when” business. But, ultimately, we all must be in the “opportunity” business—because exceeding potential is not just about each of us, it’s about all of us.

As a “Trust, but verify” cybersecurity professional, I considered Gary’s message and shifted the paradigm a bit. The shift is based on my passion and what I chose as my business career, IT security and compliance.

We can shift the idea of opportunities for law-abiding citizens to the world of criminal opportunists.

There have been studies that analyze and try to determine why criminals do what they do. The studies show that it’s not always because they are bad people who are prone to breaking the law; sometimes, it’s the opportunities that present themselves.

With that in mind, let’s consider for a moment how the pandemic has impacted our respective businesses and the opportunities they have presented.

Key Cybersecurity Challenges for 2021

Remote access and remote workforces are not new; they are opportunities that our respective organizations have provided as a convenience for us to perform our jobs. In the modern age we live in, we all have some level of access to our corporate networks and systems, whether that is checking our email on our smartphones or having full remote access to our mission-critical business systems.

The Pandemic has dramatically increased the number of employees working remotely, and this has subsequently increased the attack surface for cyber criminals, presenting our adversaries with new opportunities to find and exploit weaknesses in our cybersecurity and compliance programs.

Ron Solano, Data Security Officer at OptumInsight of United Health Group, spoke to The State of Security at the beginning of the Pandemic. He talked about the need to balance the threat of growing malware attacks with the network’s ability to handle greater numbers of remote users.

“Employees need to have laptops that are protected against viruses and other digital threats,” Solano explained.” We want to make sure there is no contamination when they log in to a company network. At the same time, networks have to be able to handle the larger number of people logging into the network as a result of our organization’s remote work. Inbound pipes need to be monitored for load balancing.”

Standard, every day processes are now more challenging than ever. This presents an increasing set of opportunities for bad things to happen, such as:

  • Exploiting unpatched systems
  • Bypassing inadequate controls and policies
  • Capitalizing on authorization creep and other drifting defenses

The answer, though simple to put into writing, is not easy to achieve:

  • Ensuring a timely patch process on remote and intermittently connected assets
  • Validating that security controls, corporate configuration policies and perimeter defenses are in place and not drifting from a known good state
  • Analyzing suspicious files that may be introduced to the network before they can cause harm
  • Understanding the What, How and When of changes taking place on our respective assets

Fortunately, you are not alone when combating the problems that can threaten your cybersecurity. Tripwire is a recognized leader in the cybersecurity and compliance management space. It enjoys a 20+ year track record of helping our customers protect their assets and mission critical infrastructures. Our focus on fundamental controls and risks presented by assets connecting to our respective mission critical networks provides our security and compliance teams with a clear understanding of and the opportunity to proactively address the What, How and When.

Please visit us at Tripwire.com to learn more about our industry-leading technologies and services or reach out to your local Tripwire Representative. Let’s explore the opportunities that Tripwire offers in securing your mission-critical infrastructures.

The post ” Cybersecurity Challenges: Understanding the What, How and When of Change” appeared first on TripWire

Source:TripWire – John Hunkeapillar

Tags: Critical Severity, Exploit, TripWire, Vulnerability

Continue Reading

Previous Cloud-Based Storage Misconfigurations – Understanding the Security Risks and Responses
Next New ‘unc0ver’ Tool Can Jailbreak All iPhone Models Running iOS 11.0 – 14.3

More Stories

  • Critical Vulnerability

http://thehackernews.com/2026/02/docker-fixes-critical-ask-gordon-ai.html

4 hours ago [email protected] (The Hacker News)
  • Data Breach

[Webinar] The Smarter SOC Blueprint: Learn What to Build, Buy, and Automate

7 hours ago [email protected] (The Hacker News)
  • Critical Vulnerability
  • Cyber Attacks
  • Data Breach
  • Vulnerabilities

Hackers Exploit Metro4Shell RCE Flaw in React Native CLI npm Package

7 hours ago [email protected] (The Hacker News)
  • Critical Vulnerability
  • Data Breach

When Cloud Outages Ripple Across the Internet

10 hours ago [email protected] (The Hacker News)
  • Cyber Attacks
  • Data Breach
  • Malware
  • Vulnerabilities

APT28 Uses Microsoft Office CVE-2026-21509 in Espionage-Focused Malware Attacks

12 hours ago [email protected] (The Hacker News)
  • Cyber Attacks
  • Data Breach

Mozilla Adds One-Click Option to Disable Generative AI Features in Firefox

15 hours ago [email protected] (The Hacker News)

Recent Posts

  • http://thehackernews.com/2026/02/docker-fixes-critical-ask-gordon-ai.html
  • [Webinar] The Smarter SOC Blueprint: Learn What to Build, Buy, and Automate
  • Hackers Exploit Metro4Shell RCE Flaw in React Native CLI npm Package
  • When Cloud Outages Ripple Across the Internet
  • APT28 Uses Microsoft Office CVE-2026-21509 in Espionage-Focused Malware Attacks

Tags

Android APT Bug CERT Cloud Compliance Coronavirus COVID-19 Critical Severity Encryption Exploit Facebook Finance Google Google Chrome Goverment Hacker Hacker News High Severity Instagram iPhone Java Linux Low Severity Malware Medium Severity Microsoft Moderate Severity Mozzila Firefox Oracle Patch Tuesday Phishing Privacy QuickHeal Ransomware RAT Sim The Hacker News Threatpost TikTok TripWire VMWARE Vulnerability Whatsapp Zoom
Copyright © 2020 All rights reserved | NGTEdu.com
This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Read More here.Cookie settingsACCEPT
Privacy & Cookies Policy

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may have an effect on your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Non-necessary
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
SAVE & ACCEPT