Learn about Zero Trust Architecture
Impenetrable cybersecurity without sacrificing usability
Gain detailed visibility into all your endpoints activities
Harden applications and hardware environments
Immediate and continuous response to incidents
Close the window of time your data could be exposed
Get your Comodo solutions setup, deployed or optimized
Control access to malicious websites
Defend from any internet based threats
Stop email threats before it enters your inbox
Preserve and protect your sensitive data
Keep your website running fast and malware free
Add encryption to your websites
Automated certificate mgmt. platform
Secure private intranet environments
Digital signature solutions for cloud apps
Encrypt emails for senders and recipients
Stay compliant with PCI DSS
Trusted authentication for IoT devices
Francisco Partners a leading technology-focused private equity fund, has acquired a majority stake in Comodo’s certificate authority business. Newly renamed from Comodo CA Limited to Sectigo Limited. Privacy Policies, Trademarks, Patents and Terms & Conditions are available on Sectigo Limited’s web site.
Meet the people behind the direction for Comodo
Get the latest news about Comodo
People are the key to achievement and prosperity
Stay up to date with our on-demand webinars
Worldwide: Sales, Support and General Inquiries
Schedule a live demonstration of our solutions
Need immediate help? Call 1-888-551-1531
Instantly removes viruses to keep your PC virus free
Experience true mobile security on your mobile apple devices
Secure Internet Browser based on Chrome
Chrome browser internet security extension
Submit a ticket to our support team
Share any product bugs or security flaws
Collaborate with research experts on data sets
Valkyrie Threat Intelligence Plugins
Valkyrie Threat Intelligence APIs
The Gartner Information Security & Risk Management Summit at National Harbor, Maryland ran from June 3rd to 7th. Gartner’s event is a great opportunity for cybersecurity professionals to network with each other and attend panels on topics ranging from CISO responsibilities to cloud security, from intrusion detection to risk assessment, from endpoint protection to compliance. Fortunate attendees got to gleam knowledge from industry stars like IBM Security’s Bob Kalka, Cisco’s Gil Zimmermann, Microsoft’s Michael McLoughlin, Herjavec Group’s Robert Herjavec, and Gartner’s own Augusto Barros, Earl Perkins, and Roberta Witty.
If you couldn’t attend this year, here’s your opportunity to enjoy what I believe to be the highlights of the event.
Talking to Business Executives is a Key Corporate Cybersecurity Skill
We know how enterprises can maintain and improve their security stance. But money makes the world go ‘round, and if you want good cybersecurity practices to be implemented, you have to convince the non-technical executives.
Security is often a hassle for the non-tech C-suite. You must treat them like customers that you have something to sell to. When you sell security effectively, customers feel satisfied that you’re solving their problems.
Gartner’s Leigh McMullen said:
“Today, the battle ground for the digital industrial revolution is the customer experience. It’s not about cost; it’s not about efficiency; it’s not even about product. It’s about experience.
We as security people want things to be controlled. We want them stable, but people’s expectations are being set by forces outside our control, which means we need to change how we engage if we want to be successful. We have to give up control to gain influence.
Security should not wreck the customer experience, but it often does. Customers, and that is everyone in your enterprise, want the effort they put in to match the value they expect to get. If you deliver the wrong experience, they’ll just tune you out.”
As much as possible, you should translate how you speak about technological realities and solutions into business-speak. Less cybersecurity jargon, more Fortune Magazine.
Gartner’s Paul Proctor said:
“When we talk about technology risk and security, primarily in technology terms, stakeholders treat us like wizards who cast spells and protect the organization. Making risk and security more transparent and business-aligned is an absolute requirement to get you out of the wizarding world.”
If you’re going to cast “wingardium leviosa,” just explain that it’s a levitation spell.
Executives often get blamed after a significant cyber-attack. You need to sell them defensibility.
“We have treated security like a dark art for so long that when an organization gets hacked, people don’t understand. So, the primary question is, ‘Who screwed up?’ You can’t guarantee the organization won’t get hacked, so stop selling your executives protection, and start selling something they truly need, defensibility.”
The risk assessment process must include any applicable non-technical executives in order to be conducted properly.
“Offering executives decision-making in the context of operational outcomes makes these engagements more than interesting to them. It directly impacts the decisions they make. You are now helping them do their job.”
Your customers naturally fear risk. That fear has had a negative effect on security innovation – an absolute must as cyber threats evolve.
Proctor said:
“Organizations are slowing down because they fear this issue. If you can improve their comfort and understanding of risk and security, you can help your company move faster. That is truly a business value of security.”
Better Security Through Proper DevOps
Cloud researcher Mark Nunnikhoven discussed the importance of good DevOps. The phrase is often misapplied. Essentially, DevOps is all about striking an effective balance between development and operations. It’s that simple.
Properly implemented DevOps features increasingly efficient delivery pipelines, due to constant feedback loops. DevOps can create “a culture of collaboration that reduces risk by decreasing the size of changes to production environments,” featuring people, process, and products.
In order to reduce risk when implementing DevOps improvements, make lots of smaller changes rather than making fewer larger changes. If you try to deploy a very large quantity of new code all at once, it can be more challenging to fix new bugs and vulnerabilities.
Good cybersecurity starts at the development stage, rather than as an auditing step, which results in more outdated perimeter approaches to security hardening.
If proper DevOps security means that the development process takes more time, then so be it. All stages of development must be designed with security in mind. The earlier a bug is found, the easier it is to fix.
“Soft skills” such as social ease and being able to communicate effectively are key to getting development and operations to work together successfully. Few security professionals can excel with “hard skills” alone.
ITSM Ticketing System
Tags: Advanced Endpoint Protection,Comodo Cybersecurity,cybersecurity,Endpoint Protection,Information Security
Reading Time: 4 minutes Increased dependency on computers and access to data makes an organization more vulnerable to cybersecurity threats. With the increase in cyber-criminals and cyber-attacks, many companies today are looking for greater protection of their decentralized computing work environments from their Managed Service Providers (MSPs). As a result, MSPs need to deliver firewall solutions that are designed…
Reading Time: 3 minutes Rapid technological growth and increasing digitalization in all aspects of life around the world have increased the value of ensuring cyber-security at all levels. This is increasingly true for EU member states and the organizations that are based in or operate from these countries. The number of cyber-attacks targeting EU member states has risen. The…
Reading Time: 3 minutes Disruptions are often unforeseen. This could be a catastrophic event like a hurricane, a fire, or an earthquake. Disruptions, however, can also come in other forms such as that of a pandemic. This means that a building doesn’t necessarily have to be demolished or lives have to be lost for an unforeseen event to completely…
Sign up to our cyber security newsletter
Comodo Cybersecurity would like to keep in touch with you about cybersecurity issues, as well as products and services available. Please sign up to receive occasional communications. As a cybersecurity company, we take your privacy and security very seriously and have strong safeguards in place to protect your information.
agreecheck
See how your organization scores against cybersecurity threats
Advanced Endpoint Protection, Endpoint Detection and Response Built On Zero Trust Architecture available on our SaaS EPP