Cybercriminals and their tactics are becoming increasingly sophisticated. Given the rash of widespread, devastating attacks thus far in 2017, this trend shows no signs of slowing down. It’s no longer enough to simply implement incident response solutions. Today’s threats require a dedicated team of security experts to maximize these tools with

How would your organization’s leadership fare in its response to a full-on data breach? Regular and ongoing training can improve top leaders’ ability to respond to a cybersecurity breach and avoid doing additional damage to the reputation of the company as they deal with the repercussions. Organizations simply cannot afford to be lax about their

More and more companies are looking to cyber exercises and capture the flag events to improve their incident response effectiveness, upskill staff and tackle the cybersecurity talent gap. A red on blue experience provides a safe sandbox environment for participating companies to stress test their business processes and challenge their capabilities in respon

According to Forrester, business and technology leaders often dismiss lawyers as obstacles to productivity. Many security teams fail to fully engage legal with incident response planning because: Lawyers are often seen as risk-averse, disengaged advisors. It’s difficult to know whether you’re talking to the right lawyer. There is a widespread b

Organizations today are battling three compounding challenges: complex cyberattacks that shift as they unfold, complicated technology environments and a fast-growing skills gap. As a result, technologies and processes that enable a dynamic, fast and orchestrated response are becoming vital. IBM Resilient has many enterprise deployments around the world spa

We all have heard the proverb: One rotten apple can spoil the whole barrel. This also applies to many practical scenarios in our day-to-day life, like finding a stinky sock in a pile of fresh laundry. Similarly, in a security operations center (SOC), one of the tasks security analysts spends most of their time on is identifying and detecting the actual threa

Gamification — the process of applying game principles to real-life scenarios — is everywhere, from U.S. army recruitment to immersive cybersecurity training. Employee satisfaction and motivation can be fickle. In a job that requires both repetition and razor-sharp focus to pinpoint anomalies, it can be difficult to maintain an edge. This can lead to burnout

We’ve all heard that when it comes to experiencing a data breach, the question is not if it will happen, but when. You may be wondering about the actual odds of it happening to your organization. Think about it this way: The chances of being struck by lightning this year are 1 in 960,000. When it comes to experiencing a data breach, according to the Po

The most common cyberattacks tend to follow the same pattern: An employee receives a fraudulent email and unwittingly exploits a vulnerability upon opening a malicious attachment, exposing sensitive data. Of course, there are countless variations — an unknown vulnerability, encrypted or exfiltrated data, a malware-laden hyperlink — and each one could result

While the world breathes a sigh of collective relief with the discovery of a kill switch that slowed down the WannaCry worm, significant risk remains. The website that activated the kill switch has come under attack, meaning that a new version of WannaCry without the weakness could easily be released. We need to remain vigilant. WannaCry has demonstrated its

IBM X-Force Research recently observed a wave of malware-induced Active Directory (AD) lockouts across several incident response engagements. The lockouts caused hundreds to thousands of AD users to get locked out of their company’s domain in rapid succession, leaving employees of the impacted organizations unable to access their endpoints, company ser

A few weeks ago, the security community had its security blanket ripped firmly away as the WannaCry ransomware ripped through hospitals, rail systems, telecommunication companies and more as it made its way around the globe. While the dust settles and researchers figure out the initial infection vector and develop recommendations for preventing future inci

In the months since we began simulating full-scale cyberattacks for customers at our IBM X-Force Command Center in Cambridge, Massachusetts, I’ve watched a steady stream of corporate security teams confront the hair-raising experience of a simulated cyberattack. The Command Center recreates the whole crisis from start to finish, featuring a controlled,

By now, you’ve no doubt heard of WannaCry, the ransomware attack that impacted over 300,000 victims in more than 100 countries over the past 10 days. While we’ve all focused on effective patching strategies to prevent further infection, an important part of the discussion is how to plan for a successful incident response (IR) to ransomware and o

Two weeks into the WannaCry aftermath, response teams are getting back to normal, organizations are re-evaluating their infrastructures, and even the bitcoin payments the fraudsters were collecting have almost stopped trickling in. It’s time now to look into the data to find clues about what made WannaCry spread so rapidly and with such a wide scope.