Articles by category
The Basics: Secure Software Development
Secure Software Development Lifecycle (SSDLC) is an approach to software development that emphasizes the value of security at every phase of product development. What is Secure Software Development Lifecycle? Secure Software Development Lifecycle (SSDLC) is a collection of best practices focused on adding security to software development. By taking a security first approach from requirement gathering through to product release, [...]
Check Your {User} Privileges
User privileges settings in commercial software frequently (and inadvertently) expose your business to privilege escalation attacks. Monitoring for access rights changes can help to proactively mitigate the risks. The team at CYDEF advocates for the principle of minimum privileges; according to which users should have only the minimal access rights to perform their jobs. A big part of the goal of minimum privileges is to ensure that users do not casually operate their machines with administrator privileges. After all, [...]
AI Driven EDR: It Doesn’t Replace Human Intervention
AI driven EDR dramatically reduced the workload involved in manual endpoint detection and response. However, the human element of threat hunting remains invaluable. Cybersecurity Solutions Require Supervision Managed Service Providers (MSPs) are in the business of providing a variety of essential technical services to businesses. When a vendor offers a solution that eases the risk of cybersecurity with the promise [...]
ROI of PuP Detection
The security impact of detecting potentially unwanted programs is sometimes fuzzy, but in our experience, it helps reduces help desk costs. Small Victories: The ROI of PuP Detection Potentially Unwanted Programs (PuPs) generally have no real security impact. In most cases, they are more of an annoyance than a real threat (even if the threat can be real, as described in [...]
Small Business Cybersecurity Myths
Small Business Cybersecurity myths and mistakes can destroy a business. Phishing attempts, Potentially Unwanted Programs, and Malware do not differentiate between a small business and a large enterprise. Once infected, a business is at risk – regardless of size. Understanding Cybersecurity Myths The risks posed by cyber attacks are impossible to overlook. From recent attacks on pipelines, to breaches at [...]
Small Businesses Need Software Updates
Software updates and patches are frequently avoided by small and medium business owners. These critical updates are thought to take up too much time to download and install, while they offer little business value. Software Updates Offer More Than New Functionality When it comes to saving time, Small and Medium Business owners develop their own unique tactics. One that [...]
The Human Factor: The Hidden Problem of Cybersecurity
Humans are a significant factor contributing to data breaches. While cybersecurity is usually treated as a technology problem, 88% of data breaches are the result of human error. Human Factor in Cybersecurity The human factors in cybersecurity are actions or events that result in a data breach. These factors largely result from a lack of awareness, negligence, or inappropriate access [...]
WFH Cybersecurity Best Practices for SMEs
WFH cybersecurity best practices are virtually non-existent in 49 percent of businesses. The sudden shift to remote working in early 2020 caught many businesses off guard, with most businesses prioritizing ‘getting things done’ over IT security. WFH Cybersecurity Threats Continue to Grow Working from Home (WFH) suddenly became the new normal at the beginning of the pandemic. According to many [...]
What is an Incident Response Plan: Basic Guidelines for SMEs
An incident response plan provides detailed steps for crisis management in the face of a cyber attack. Planning for When a Cyber Attack Strikes Incident response planning may seem like the projection of the worst-case scenario. That’s because it actually is. An incident response plan provides Small and Medium Enterprises (SMEs) with the guidelines to react and recover when a [...]
Moral Hazard of Cyber Insurance
Cyber insurance is not a replacement for harm prevention measures. The prices are high and will continue to go up. Here’s why. While doing research for a customer about trends you can expect for 2021, I found a number of outlets warning that the cyber insurance market was hardening with rises in premiums. Should we expect this trend to continue or will premiums stabilize? If [...]
CYDEF to Scale Beyond 1 Million Endpoints
CYDEF solution testing with CENGN establishes business capacity to grow beyond 1 million endpoints. CYDEF Identifies Opportunities to Scale at Cost Over the course of 6 months, CYDEF collaborated with Canada’s Centre of Excellence in Next Generation Networks (CENGN) to establish the capacity of its cybersecurity solutions. By partnering with CENGN, CYDEF proved that its architecture scales successfully beyond 100,000 devices. With this knowledge, CYDEF has developed [...]
macOS Coverage: Is It Worth It?
With CYDEF’s recent coverage expansion to the macOS platform, we need to address the value of cybersecurity protection for Macs. After all, aren’t Macs completely impervious to security threats? The answer is no of course. So why is the question "Do I need Malware Protection for Mac?" so popular? This post will start by covering the security advantages of the [...]