One of the most disturbing security trends over the last few years has been the rise of the meta attack. The scope of this type of attack is far larger and wider than a threat designed to achieve a specific goal. These advanced cyberattacks are so significant, in fact, that they could sink an entire organization if it doesn’t take the time to install l

Risk management is the process of identifying, assessing and controlling threats to an organization. It is also a way to increase the security maturity of an organization. Risk management allows you to think about security more strategically and answer the questions that come from your company board, such as: How many times was the organization attacked? Is

Security management can be proactive or reactive depending on each organization’s risk appetite. When attacks are made public, things change, and learning from threats becomes a requirement for both C-suite members and security leaders. WannaCry, NotPetya and Industroyer are some of the most recently analyzed malware pieces. Apart from corporate networ

Endpoint attacks can come from any direction and many sources. Just consider the reported vulnerabilities found in Apache Struts and the damage caused by WannaCry and Petya. Companies need to stay one step ahead of endpoint attacks, but they struggle due to a lack of visibility of endpoint status, the complexity of investigations and ineffective remediation.

In recent years, several high-profile breaches involving customer data have led to long and costly litigations. These events demonstrated that data protection is more than just a cybersecurity concern. When responding to a data breach, legal teams have to work closely with the chief information security officer (CISO) to ensure that security policies, r

Indicators of compromise (IoCs) are artifacts such as file hashes, domain names or IP addresses that indicate intrusion attempts or other malicious behavior. These indicators consist of: Observables — measurable events or stateful properties; and Indicators — observables with context, such as time range. IoCs are crucial for sharing threat information and

The cybersecurity expert Stuart Peck, Director of Cyber Security Strategy, ZeroDayLab, shared its view on the Equifax data breach. For those of you living under a rock this week, Equifax suffered a major breach in their security, which led to over 143 million records being stolen by attackers. The information held by Equifax is highly sensitive, especially f

Full disclosure: I would not eat guacamole for years because a certain puppet-centric movie I saw as a child had me convinced that it was actually made of frog brains. Once in college, however, seeing guacamole being made completely changed my opinion — unlike a sausage-making demonstration in a rather unfortunate public speaking class that same year of coll

Given the increasing volume of connected devices throughout society, Internet of Things (IoT) security should be a key consideration for businesses and consumers alike. Embedded in everything from our homes and cars to commercial and industrial manufacturing, IoT solutions are already providing significant benefits. As a result, IDC expects organizations to

The purveyors of modern threats are not trying to simply deface your website or own your web server. These advanced attackers are attempting to siphon critical and sensitive data from your network over long periods of time, and do so undetected. Where Is Your Data? When threat hunting, at a minimum, you should know where your critical data is stored and how

It’s hard to escape the reality that every day, cyberthreats morph and expand, escalating the need to improve and tighten security operations and response practices. While it may feel overwhelming, there are ways to help level the playing field. Cognitive computing and machine learning are new technologies that can empower security practitioners to foc

The continuous advancement and sophistication of cyberthreats has gradually decreased the sufficiency of traditional gateway and endpoint security solutions for protection against malware. These approaches were sufficient when malware occurred in small numbers and it was easy to differentiate between good and bad applications. Nowadays, there’s a world

Cybercriminals and their tactics are becoming increasingly sophisticated. Given the rash of widespread, devastating attacks thus far in 2017, this trend shows no signs of slowing down. It’s no longer enough to simply implement incident response solutions. Today’s threats require a dedicated team of security experts to maximize these tools with

How would your organization’s leadership fare in its response to a full-on data breach? Regular and ongoing training can improve top leaders’ ability to respond to a cybersecurity breach and avoid doing additional damage to the reputation of the company as they deal with the repercussions. Organizations simply cannot afford to be lax about their

More and more companies are looking to cyber exercises and capture the flag events to improve their incident response effectiveness, upskill staff and tackle the cybersecurity talent gap. A red on blue experience provides a safe sandbox environment for participating companies to stress test their business processes and challenge their capabilities in respon