Employees remain the biggest source of corporate cyber risk. According to the “IBM X-Force 2016 Cyber Security Intelligence Index,” staff members are responsible for 60 percent of all digital attacks endured by enterprises. In most cases, there’s no malicious intent. Employees may subvert network security by opening infected email attachmen

I published the following diary on isc.sans.org: “The easy way to analyze huge amounts of PCAP data“. When you are investigating a security incident, there are chances that, at a certain point, you will have to dive into network traffic analysis. If you’re lucky, you’ll have access to a network capture. Approximatively one year ago, I wrote a qui

Security management can be proactive or reactive depending on each organization’s risk appetite. When attacks are made public, things change, and learning from threats becomes a requirement for both C-suite members and security leaders. WannaCry, NotPetya and Industroyer are some of the most recently analyzed malware pieces. Apart from corporate networ

Every day, organizations rely on security information and event management (SIEM) solutions to protect, control and monitor their technology infrastructures. These platforms serve as early detection tools for security threats. But how can security professionals validate that their SIEM systems are properly configured and aligned with the organization’s

A threat hunting program can provide an accurate picture of where your organization is exposed to threats and help security professionals strengthen those weaknesses. If you know how an adversary is breaking into your environment, you can improve your defenses and stop attacks from happening again in the future. This echoes the importance of having accurate

As businesses across the world become more geographically diverse and move toward an increasingly hybrid IT environment, legacy infrastructure is struggling to keep up. With more data flowing over enterprise networks from multiple sources, the demand for software-defined wide area network (SD-WAN) technology is growing exponentially. A report from IDC predic

End-to-end automated teller machine (ATM) network protection encompasses multiple security layers. Is it not enough to simply protect ATM endpoints to ensure the security of a bank’s finances. Instead, security teams at financial institutions must take a more advanced approach to ATM network protection. ATM security has always been a hot-button issue

The Internet of Things (IoT) is here, but is your security program ready to handle it? For many reasons, such as network complexity, limited visibility, politics and other challenges that come along with emerging technologies in the enterprise, your organizations is likely underprepared. To get up to speed, a good place to start is your application security

Follow the money! That is the famous first rule for investigating white collar criminal activity. It should also be the first rule for protecting your organization from a data breach, ransomware attack or other malicious activity. A basic fact of modern cybersecurity life is that the lone hacker of yore has long since vanished, replaced by sophisticated cy

The recent widespread attacks of WannaCry and NotPetya both used known vulnerabilities of legacy operating systems, namely SMB v1 protocol. In general, known vulnerabilities are easy to mitigate as long as patches and updates are provided. But in these cases, many organizations seem to have ignored the advice to patch their systems — or maybe not. There ar

The commercial real estate (CRE) industry is on the verge of a major disruption: the Internet of Things (IoT). Technology is making its way into an industry that historically lacks the innovative spirit, and we’re beginning to see a drastic change in what it means to be a real estate broker. As client needs evolve, brokers must develop new skills to k

Everyone wants to know who was behind the latest audacious cyberattack. Security professionals have long attempted to identify threat actors through linguistic analysis, but this method is limited when it comes to attribution. Part of the problem is that cybercriminals purposely build deception mechanisms into their code. “Deception is always a major

Security is an imperfect art. It’s also an imperfect science. Whether it involves experimenting with certain tweaks or implementing proven standards and prescriptive advice, figuring out how to manage a security program is as complex as navigating any other business function. According to the Pareto Principle, security professionals should focus on the

Software-defined wide area networking (SD-WAN) technologies are transforming the way enterprises approach connectivity and the implementation of security functions for branch and retail locations. These technologies give organizations greater flexibility, visibility and control of both satellite location networks and their connections to enterprise resources

Organizations contemplating Internet of Things (IoT) deployment projects must look at both past and future challenges through the lens of security. Enterprise data security is not a new topic, but for many companies, IoT deployments present new challenges because they extend the perimeter by introducing thousands of additional endpoints, each of which repres