Phishing: What It Is and How to Protect Yourself In today’s digital age, we rely heavily on the internet and technology to go about our daily lives. We use email to communicate with friends and colleagues, shop online for products and services, and conduct banking transactions from the comfort of our own homes. While these …
Confidentiality, Integrity and Availability – What is it? You may have heard information security specialists referring to the “CIA” — but they’re usually not talking about the Central Intelligence Agency. CIA is a widely used benchmark for evaluation of information systems security, focusing on the three core goals of confidentiality, integrity and availability of information. Data confidentiality …
What is Confidentiality, Integrity and Availability – CIA Triad Read More »
What is Cross-Site Scripting (XSS)? Cross-site scripting (XSS) is a vulnerability in web applications that allows a third party to execute scripts in a user’s browser on behalf of the web application. Cross-site scripting is one of the most prevalent vulnerabilities on the web today. Exploiting XSS against users can lead to various consequences, such as account …
Complete Guide on API Security for Mobile Apps | Creative Ground Tech What is API security? The world has transitioned to an era of interconnectivity with the Internet of Things (IoT) taking over all phases of everyday human life. And, API is the most common thread that connects all devices and microservices. With …
Cloud security compliance Once a company is in the cloud, it should be concerned with how the cloud provider will help the company remain in compliance with the laws, such as Europe’s General Data Protection Regulation (GDPR) or HIPAA in the U.S. This discussion should start from the very beginning rather than after the cloud …
We adopt a “Zero Trust Architecture” (ZTA) cybersecurity paradigm. Why? Inadequate access controls can lead to data exfiltration, unauthorized access, lateral movement and/or the introduction of malware into an environment. Consequences of that include damage to brand/reputation, fines, erosion of customer confidence, delays in service delivery due to unplanned downtime, lengthened approval processes and impacts …
For today’s enterprises that are highly dependent on information competitiveness, the importance of information security has no need to be overstated, which is reflected in the increasing information security budget of enterprises every year and the continuous improvement of information security priorities. However, with the continuous acceleration of technological innovation in the information security market, …
Maturity Models of Enterprise Information Security Read More »
The most commonly mixed up security terms; Threat, vulnerability, and risk. While it might be unreasonable to expect those outside the security industry to understand the differences, more often than not, many in the business use these terms incorrectly or interchangeably. Maybe some definitions (from Strategic Security Management) might help. Asset – People, property, and …
Threat, Vulnerability & Risk – Cyber Security Concepts Read More »
SSRF (Server-Side Request Forgery) is a security loophole constructed by an attacker to form a request initiated by the server. In general, the target of an SSRF attack is an internal system that cannot be accessed from the external network . (Because it is initiated by the server, it can request the internal system connected to it but isolated from the …
A successful cyberattack is about more than just getting your foot into the door of an unsuspecting target. To be of any real benefit, the attacker needs to maintain persistence access within the target environment, communicate with infected or compromised devices inside the network, and potentially exfiltrate sensitive data. The key to accomplishing all these …
established in Nairobi Kenya, Creative Ground Tech strives to promote Cyber Security Awareness and offer a world class Cyber Security and Data Science training courses. we believe in Africa and we are building Africa’s next generation of skilled Data Scientists and cybersecurity professionals through hands-on training courses.
Our training courses are designed to help businesses develop the workforce with the vital skills any organization requires.
The #1 cyber security and data science training provider in Africa.
Sign up to our newsletter