Don't Slow Cybersecurity Spending: Steer into the ...

Network Computing Dark Reading

Advertise

About Us

Newest First | Oldest First | Threaded View

[close this box]

50%

Michelle McCarthy,
User Rank: Apprentice
7/5/2020 | 11:13:47 AM

Re: Interesting

Agreed Ryan, it can be difficult. However, what I'm taking away from the article - and from what I understand of the landscape - is that strong cybersecurity brings with it significant business advantages, which should help make the case. Advantages that need to be pitched as absolute 'must haves' for business reslience and growth potential as we climb out from the current economic pause. Certainly, demonstrable commitment to cybersecurity makes an organization more attractive to do business with and therefore more competitive when it comes to tendering, winning contracts etc.

The zero-based budget approach is an interesting one to me. Many organisations operate a complicated framework of legacy systems when it comes to cybersecurity. It's possible that by stepping back and re-engineering existing systems, savings could be made while at the same time bolstering security. Applying some zero-based scrutiny of systems already in place could kill two birds with one stone.

Reply | Post Message | Messages List | Start a Board

50%

RyanSepe,
User Rank: Ninja
6/30/2020 | 10:57:01 PM

Interesting

This article was an interesting approach. I guess it truly depends on how the pandemic affected your business bottom line. There were many good points in here but it can be difficult to make a cybersecurity pitch if your revenue was adversly affected due to the pandemic.

Reply | Post Message | Messages List | Start a Board

Hot Topics

Editors' Choice

COVID-19: Latest Security News & Commentary

Dark Reading Staff 8/3/2020

'BootHole' Vulnerability Exposes Secure Boot Devices to Attack

Kelly Sheridan, Staff Editor, Dark Reading, 7/29/2020

Out-of-Date and Unsupported Cloud Workloads Continue as a Common Weakness

Robert Lemos, Contributing Writer, 7/28/2020

Live Events

Webinars

Expert led sessions and real networking - Join us at Data Center World 2020: A Virtual Experience

Collaborate With IT Industry Leaders at Interop Digital, Oct. 5-8

More Informa Tech Live Events

White Papers

Container Security Best Practices: A How-To Guide

CyberSecurity Trends 2020

A Guide to the Iranian Threat Landscape

Database Performance Monitor Datasheet

Special Report: The Changing Face of Threat Intelligence

More White Papers

Cartoon Contest

Write a Caption, Win a Starbucks Card! Click Here

Latest Comment: Sandboxing? Ppphhht! I've moved beyond sandboxes to sandcastles.

Cartoon Archive

Current Issue

Special Report: Computing's New Normal, a Dark Reading Perspective

This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.

Download This Issue!

Back Issues | Must Reads

Flash Poll

All Polls

Reports

The Threat from the Internet—and What Your Organization Can Do About It

This report describes some of the latest attacks and threats emanating from the Internet, as well as advice and tips on how your organization can mitigate those threats before they affect your business. Download it today!

Download Now!

State of Endpoint Security: How Enterprises Are Managing Endpoint Security Threats

0 comments

State of Cybersecurity Incident Response

0 comments

Developing and Maintaining Secure Applications

0 comments

More Reports

Twitter Feed

Tweets about "from:DarkReading OR @DarkReading"

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

CVE-2020-16271
PUBLISHED: 2020-08-03

The SRP-6a implementation in Kee Vault KeePassRPC before 1.12.0 generates insufficiently random numbers, which allows remote attackers to read and modify data in the KeePass database via a WebSocket connection.

CVE-2020-16272
PUBLISHED: 2020-08-03

The SRP-6a implementation in Kee Vault KeePassRPC before 1.12.0 is missing validation for a client-provided parameter, which allows remote attackers to read and modify data in the KeePass database via an A=0 WebSocket connection.

CVE-2020-8574
PUBLISHED: 2020-08-03

Active IQ Unified Manager for Linux versions prior to 9.6 ship with the Java Management Extension Remote Method Invocation (JMX RMI) service enabled allowing unauthorized code execution to local users.

CVE-2020-8575
PUBLISHED: 2020-08-03

Active IQ Unified Manager for VMware vSphere and Windows versions prior to 9.5 are susceptible to a vulnerability which allows administrative users to cause Denial of Service (DoS).

CVE-2020-12739
PUBLISHED: 2020-08-03

A vulnerability in the Fanuc i Series CNC (0i-MD and 0i Mate-MD) could allow an unauthenticated, remote attacker to cause an affected CNC to become inaccessible to other devices. The vulnerability is due to improper design or implementation of the Ethernet communication modules of the CNC. An attack...

To save this item to your list of favorite Dark Reading content so you can find it later in your Profile page, click the "Save It" button next to the item.

If you found this interesting or useful, please use the links to the services below to share it with other readers. You will need a free account with each service to share an item via that service.
Tweet This
[close this box]