Ekran System Blog

News, opinions, and industry insights

February 23, 2023

When faced with a cybersecurity threat, few organizations know how to properly handle the incident and minimize its impact on the business. Having a well-designed incident response plan (IRP) in place can save your organization time and resources on incident remediation.

 

We can get you started with building an efficient IRP. Read this post and create an IRP that fits your organization’s needs using the best practices from the NIST incident response framework.

 

Incident response plan: what it is and why you need one

 

Most...

Category:
February 08, 2023

Your organization most likely has privileged users — employees, subcontractors, and even customers who are authorized to access critical applications and sensitive data. But those elevated access rights make an organization vulnerable. If a privileged user makes a mistake or an attacker gets access to a privileged account, your most valuable data is at risk. According to the 2021 IBM Security X-Force Insider Threat Report [PDF], privileged accounts were related to at least 80% of insider-caused security incidents that X-Force responded to between 2018 and 2020.

 

...
Category:
January 25, 2023

The Covid-19 pandemic has changed the way we work forever. Although some part of the workforce returned to the office as soon as restrictions loosened, many employees wish to continue working remotely. According to data from Gartner, 60% of knowledge workers are remote, with at least 18% not planning to return to the office anytime soon.

 

A hybrid office is a great option for both types of workers. However, a hybrid work environment may pose considerable security risks for organizations and expose them to insider threats. In this article, we review ten practices to...

Category:
January 20, 2023

New hires bring fresh ideas and unique skills but can also pose a threat. They can endanger your organization’s sensitive data and IT systems due to carelessness, lack of cybersecurity awareness, or malicious intent. The potential insider threats stemming from new employees are especially concerning for large organizations with a high flow of personnel who may find it challenging to thoroughly monitor and supervise all new hires security-wise.

 

Read our post to figure out why this is the case and learn how to reduce insider threat risks from new employees in...

January 11, 2023

Access control is a fundamental element of your organization’s security infrastructure. Every security officer wants to apply the principle of least privilege, implement a zero trust architecture, segregate user duties, and adopt other access control best practices without harming the company’s workflow.

 

There are several approaches to implementing an access management system in your organization. In this article, we analyze the two most popular access control models: role-based and attribute-based. We review the pros and cons of each model, compare them...

Category:

Pages