When you take a close look at the Continuous Diagnostics and Mitigation (CDM) function at the heart of a successful cybersecurity program, you quickly realize that it all depends on integration. It isn’t that the individual components of the program aren’t absolutely essential. But with cyber-attacks gaining in number and sophistication, the true power of CDM is in the ability to overlay multiple datasets to create a single lens for tracking, assessing, and responding to threats.

Problem: If there are thousands of employees scattered around hundreds of places, how do you keep your organization’s network safe? Solution: You should monitor your employees wherever they’re located, and devise a standard baseline of their behavior through machine learning techniques. By using that information, you can identify anomalies and protect your network from cyberattacks.

If you’re running containers and Kubernetes on IBM Cloud, you can now enable the key security workflows of Sysdig Secure as a service within your IBM Cloud deployments. This makes it easier for you to implement security tools and policies to ensure your containers and your Kubernetes environment are protected and running as intended. The new container and Kubernetes security features are integrated into IBM Cloud Monitoring with Sysdig and offered as an additional service plan.

Microservices and Kubernetes have completely changed the way we reason about network security. Luckily, Kubernetes network security policies (KNP) are a native mechanism to address this issue at the correct level of abstraction. Implementing a network policy is challenging, as developers and ops need to work together to define proper rules. However, the best approach is to adopt a zero trust framework for network security using Kubernetes native controls.

System Monitor (Sysmon) is Windows’ service for monitoring activity and recording it to the Windows event log. It is the go-to for logging anything on a PC. Sysmon will immediately log events, capturing vital info. The driver for Sysmon will install as a boot-start driver, enabling capture of any and all events from the get-go. Now, you can send Sysmon logs straight to Logz.io Cloud SIEM.

When the value is obvious, most companies are willing to invest in tools to help employees get their job done better. But over the course of my career, I’ve noticed a few blind spots companies can’t seem to remember when writing out their tech team grocery list. These include things obvious to many, like training, antivirus for all devices, and comprehensive content management; or the more subtle ones like password managers or (yes) monitoring.

Cybersecurity attacks on industrial IoT solutions can have detrimental consequences. This is the case because IoT devices record privacy-sensitive data and control production assets. Therefore, demonstrable trustworthiness is prerequisite to IoT adoption in industrial settings. Fortunately, IT security is a mature field. Experts have identified classes of threats devices may be subject to. Let’s discuss these threat patterns and mitigation strategies in the IIoT context.

With the U.S. national security plan highlighting the need for both information dominance and protection, the Department of Defense is considering plans like modernizing military networks to ensure more effective communications between warfighters and allies in the harshest of environments and recruiting the specialized talent required for battlefield domination. To begin, the DoD must bridge the gap between its ambitious vision and the capabilities of current military networks.