Security Affairs

APRIL 5, 2023

The CISA ‘s Joint Cyber Defense Collective (JCDC) initiative is going to build operation plans for protecting and responding to cyber threats. What comes to mind when you think of cyber criminals? To address this gap, the JCDC is planning proactive measures for future cyber risks.

Energy and Utilities 76

Energy and Utilities Cyber threats Risk Cyber Risk 76

Centraleyes

JANUARY 21, 2024

The Evolving Cyber Threat Landscape The contemporary threat and regulatory landscape have pressed organizations to fortify their cyber-crisis management capabilities. In recent years, a surge in cyber-attacks targeting critical infrastructure has been observed globally. Strengthened supply chain security requirements.

Cybersecurity 110

Cybersecurity Energy and Utilities Cyber threats Risk 110

Malwarebytes

MAY 21, 2023

In this blog post, we'll be recapping the highlights and key takeaways from the webinar hosted by Marcin Kleczynski, CEO and co-founder of Malwarebytes, and featuring guest speaker Joseph Blankenship, Vice President and research director at Forrester. Looking at the ROI of MDR Cyber threat hunting for SMBs: How MDR can help

Cyber threats 75

Cyber threats Technology Ransomware Malware 75

Cisco Security

MAY 28, 2021

Today’s incident response teams operate like hospital emergency rooms (ERs). At Cisco, I’ve been a part of a team responsible for imagining a preventive-care approach to cybersecurity—“cyber hygiene.” It turns out that building a holistic inventory is not so easy. Take Cisco IT, for instance.

Risk 122

Risk Healthcare Phishing Authentication 122

Anton on Security

SEPTEMBER 7, 2023

Detection Engineering is Painful — and It Shouldn’t Be (Part 1) This blog series was written jointly with Amine Besson, Principal Cyber Engineer, Behemoth CyberDefence and one more anonymous collaborator. Related blogs: Can We Have “Detection as Code”? Threat-informed Defense Is Hard, So We Are Still Not Doing It!

Engineering 113

Engineering Software Malware 113

The Last Watchdog

JANUARY 9, 2024

Organizations conduct these sessions to bring participants up to speed on the cybersecurity threat landscape and develop their knowledge of best practices to secure sensitive data, assess risk levels, and report incidents. Amos In addition to providing essential knowledge, cybersecurity training encourages individual and team accountability.

Technology 203

Technology Cybersecurity Risk Mobile 203

Herjavec Group

SEPTEMBER 23, 2021

For many teams, the priority was set on keeping the lights on and surviving, leaving their security teams grappling to catch up once the company’s operations were already online. As cyber breaches and ransomware attacks skyrocket, businesses now have no choice but to face the truth — cybersecurity is no longer an option.

Cybersecurity 97

Cybersecurity Penetration Testing Digital transformation Risk 97

Anton on Security

AUGUST 30, 2021

However, our beloved domain of cyber is full of skeptics and cynics, as well as well-meaning people who just can’t take the exaggerations anymore… With this post, I wanted to explore one particular area of 10X possibility. Attackers come, alerts trigger, we clear them, adjust, tune, response, rinse, repeat.

Engineering 273

Engineering Marketing Education Threat Detection 273

Centraleyes

MAY 13, 2024

Compounded by the struggle to justify the financial commitment to traditional on-site compliance teams, decision-makers find themselves in a delicate balancing act. Virtual compliance teams step in in this scenario, offering a transformative solution that aligns cybersecurity needs with budgetary constraints.

Cyber threats 52

Cyber threats Cybersecurity Risk Technology 52

The Last Watchdog

NOVEMBER 29, 2021

Mental health cyber risks. According to Verizon, 22 percent of all security incidents involve insiders. Socially engineered incidents have also been on the rise. Anytime a system is vulnerable, it becomes an opportunity for cyber criminals and other bad actors to infiltrate the system causing a cybersecurity nightmare.

Cybersecurity 223

Cybersecurity Social Engineering Risk Cyber Risk 223

NetSpi Executives

DECEMBER 19, 2023

NetSPI Partners bring a fresh perspective to the lofty goal of simplifying detection and response outcomes by weighing in on the long-term effects of complexity, discussing when to optimize versus invest in technology, and explaining how automation can ease workflows and enhance efficiency in detecting, investigating, and responding to threats.

CISO 105

CISO Technology Engineering Artificial Intelligence 105

CyberSecurity Insiders

OCTOBER 11, 2021

Stories from the SOC is a blog series that describes recent real-world security incident investigations conducted and reported by the AT&T SOC analyst team for AT&T Managed Threat Detection and Response customers. Building the Investigation. Julius Charles – Associate Cybersecurity. Executive summary.

Threat Detection 122

Threat Detection Cybersecurity Malware Cyber threats 122

Centraleyes

NOVEMBER 8, 2023

The rule mandates that companies report material cybersecurity incidents within four days. stock exchanges must adhere to the cyber risk management and material incident reporting guidelines, commencing in mid-December 2023 (or Spring 2024 for qualifying small companies). However, there’s room for optimism.

CISO 52

CISO Cyber Risk Risk Cybersecurity 52

Centraleyes

JANUARY 7, 2024

A single data breach can compromise your ability to operate, generate revenue, and ruin the reputation you’ve spent years building with your clients, business partners, and vendors. It’s important your cybersecurity teams have a cyber risk management program in place for this purpose. There’s no avoiding digital risk.

Cyber Risk 52

Cyber Risk Risk Penetration Testing Cybersecurity 52

BH Consulting

NOVEMBER 22, 2023

In the first 10 months of this year, Ukraine’s national computer emergency response team, CERT-UA, logged 2,054 cyber incidents, compared to 2,194 for the entirety of 2022,” wrote Mathew Schwartz. One still-unattributed incident involved an external attack against a steel mill in Germany in 2014.

Cybercrime 64

Cybercrime Technology Cybersecurity Engineering 64

SecureWorld News

NOVEMBER 30, 2023

Traditionally, CIOs were responsible for managing and overseeing the IT infrastructure of an organization, ensuring the smooth operation of systems and applications. Cybersecurity: With increasing cyber threats, CIOs must prioritize cybersecurity, ensuring the protection of sensitive data and systems. "

CISO 96

CISO Artificial Intelligence Phishing Cybersecurity 96

Security Boulevard

SEPTEMBER 21, 2023

This blog series was written jointly with Amine Besson, Principal Cyber Engineer, Behemoth CyberDefence and one more anonymous collaborator. It is the complex cyber defenders’ knowledge injected at every step of the rule creation and alert (and then incident) response process that is the real value-add of a SOC capability.

Engineering 59

Engineering Threat Detection Marketing Internet 59

Security Affairs

APRIL 13, 2023

Dealing with issues of insider cyber risk can be different and nuanced. No company with any zero-trust initiatives can responsibly look the other way. The question isn’t why to build out an insider threat prevention program: it’s how. While this is imperative, it does leave gaps when alerts are too high and teams are too busy.

Data privacy 90

Data privacy Risk Media Software 90

Centraleyes

APRIL 8, 2024

consumers would not trust a company with their personal information if it had a data breach According to the above source, 44% blame cyber attacks on a company’s inadequate security measures. Building Customer Trust: Let’s face it. The platform helps teams classify, map, and track sensitive data. 66% of U.S.

Data privacy 52

Data privacy Unstructured Data Data breaches Government 52

Cisco Security

JUNE 15, 2022

For a security leader, the toughest questions are often around security buy-in: How do you achieve active support across the organization for building resilience? I was joined by Liz Waddell, Incident Response Practice Lead at Cisco Talos , who’s often there at ground zero for data breaches, helping teams put out fires in remediation.

CISO 92

CISO Digital transformation Risk Data privacy 92

Security Boulevard

JANUARY 2, 2024

This past year set a profound stage, from the advent of stringent cyber regulations to the convergence of generative AI, social engineering, and ransomware. Prediction 5: Attackers Respond to SEC Regulations Attacks will shift in response to the cyber regulations imposed by the U.S. Securities and Exchange Commission (SEC).

CISO 104

CISO Social Engineering Architecture Ransomware 104

The Last Watchdog

MARCH 8, 2023

Whether an API is exposed for customers, partners, or internal use, it is responsible for transferring data that often holds personally identifiable information (PII) or reveals application logic and valuable company data. Model: Define organization-wide best practices with the flexibility to extend by the domain teams.

Digital transformation 200

Digital transformation Data breaches Cyber Risk Marketing 200

CyberSecurity Insiders

MARCH 30, 2023

In this blog post, we will delve into the essential components of incorporating the human factor and fostering a security-aware culture to maximize the effectiveness of your zero trust security strategy. Encourage employees to report any suspicious activities to the security team and foster an environment where they feel comfortable doing so.

Security Awareness 102

Security Awareness Education Cyber threats Cybersecurity 102

McAfee

AUGUST 6, 2021

This is the third in a series of blogs on the Cybersecurity EO, and I encourage you to read those you may have missed. By incorporating endpoint detection and response (EDR), organizations have granular control and visibility into their endpoints to detect suspicious activity. Is Endpoint Detection and Response (EDR) Enough?

Cybersecurity 78

Cybersecurity Artificial Intelligence Technology Engineering 78

Security Boulevard

SEPTEMBER 21, 2022

Hiring an incident response (IR) vendor often “checks the box” for companies that need to comply with a regulation or want to improve their security posture. But when minutes count and a cyber incident is in process, that checked box doesn’t automatically translate to an effective response.

Insurance 52

Insurance Cybersecurity Risk 52

Webroot

JULY 25, 2022

Most customers alluded to the cybersecurity skills shortage; one of the key market drivers remains a “managed” component tailored to organizations’ response capabilities. With new threats emerging daily, the industrywide shortage of skilled professionals is placing additional stress on security teams.

Cyber Insurance 124

Cyber Insurance Insurance Marketing Phishing 124

Anton on Security

SEPTEMBER 14, 2022

This blog / mini-paper is written jointly with Oliver Rochford. As a consequence, security teams are beginning to place much greater emphasis on being able to understand how a detection machine made a decision since they cannot simply look at what the signature does. When we detect threats we expect to know what we are detecting.

Threat Detection 244

Threat Detection CISO Accountability Ransomware 244

SecureList

JUNE 20, 2022

Knowing the technical aspects of an attack may allow victims to build stronger defences, patch gaps and increase their cyber-resilience. A constant challenge in such an endeavour is that the cyber context, in all its complexity and interconnectedness, remains a dark, unknown forest for many decision-makers.

Energy and Utilities 89

Energy and Utilities Data collection Malware Cybersecurity 89

Cisco Security

MARCH 9, 2022

Here, in part four of our five-part blog series , we’ll be focusing on that very question. Figure 1: Effect of strong people, processes, and technology on threat detection and incident response capabilities. Figure 2: Effect of cyber intelligence usage on threat detection and incident response capabilities.

Threat Detection 71

Threat Detection Technology Cybersecurity Data breaches 71

Security Boulevard

FEBRUARY 28, 2021

roundup of UK focused Cyber and Information Security News, Blog Posts, Reports and general Threat Intelligence from the previous calendar month, February 2021. I wrote a blog post about my concerns given Linux is embedded everywhere, yet many of these systems are rarely, and even never updated with security updates.

Energy and Utilities 145

Energy and Utilities Ransomware DDOS Accountability 145

CyberSecurity Insiders

MAY 12, 2021

MITRE ATT&CK® is an invaluable resource for IT security teams, who can leverage the framework to enhance their cyber threat intelligence, improve threat detection capabilities , plan penetration testing scenarios, and assess cyber threat defenses for gaps in coverage. How Cyber Criminals Take Data from Corporate Systems.

Threat Detection 90

Threat Detection Penetration Testing Cyber threats Cyber Attacks 90

Jane Frankland

OCTOBER 17, 2023

Sadly, no matter your company size, industry, or geographic location, one thing is clear – these alarming statistics underscore the need for heightened cyber vigilance. Reducing financial losses: A successful cyber-attack can lead to significant financial losses for an organisation.

Security Awareness 124

Security Awareness Education Cybersecurity Data breaches 124

Security Boulevard

MARCH 6, 2024

Traditionally, cybersecurity has been a reactive game: We respond to cyber threats as they arise, analyze the incidents, add pertinent information to “deny lists”, and update stakeholders on “what happened.” Enhanced Security Posture The evolution of security is becoming less about building higher and bigger walls.

DNS 86

DNS Phishing Data breaches Cyber threats 86

Cisco Security

MARCH 15, 2021

The email administrator also has to share the data, reporting and actual emails allowing their SOC and other teams in order to perform X, Y, Z. As we have already read in previous blog posts, the Phishing Investigation Workflow available in Orchestration is a game changer for today’s email administrator. Ready to level up?

Phishing 85

Phishing Threat Reports Ransomware Malware 85

Jane Frankland

JANUARY 12, 2024

Reading that line should be a wakeup call for anyone who cares about reducing cyber threats and resilience, for women are an integral defence strategy. Drawing on gender diversity specifically, women are found to be more productive, innovative and able to stay on schedule, and within budget, much more than homogeneous teams.

Cybersecurity 182

Cybersecurity Risk Banking CISO 182

Centraleyes

APRIL 25, 2024

Incident Response Preparedness: Evaluating an organization’s preparedness to respond to security incidents, including having an incident response plan, conducting drills, and ensuring well-trained personnel. This independence ensures objectivity and reduces the likelihood of biases in the assessment.

Risk 52

Risk Accountability Technology Software 52

Centraleyes

JANUARY 18, 2024

Trust : Building trust is foundational in any successful partnership. In the next section of this blog, we’ll examine the fundamental principles of effective risk management, providing a comprehensive third-party due diligence checklist to aid in recognizing, measuring, and mitigating the risks linked to external partnerships.

Risk 52

Risk Insurance Cyber Risk Technology 52