Articles Tagged with ''risk management''

We spend a lot of time and effort so we can spot attackers — and for a good reason! But without visibility into our own organizations, we’re left with too much uncertainty. So how can you use more visibility to counter the fog of war?

In this installment of the Cybersecurity and Geopolitical Podcast, Ian Thornton-Trump (CISO at Cyjax) and Tristan de Souza retrospectively look at the inaugural International Cyber Expo in London, discussing data breaches, the role of a CISO and more.

A recent surge in cyberattacks, including SolarWinds and Colonial Pipeline, has intensified a focus on cybersecurity across industrial sectors and critical infrastructure. As a result, the U.S. government and other organizations within the nation’s defense supply chain have taken action to protect the critical assets and organizations that ensure the security and prosperity of our country. 

Like many other security processes, penetration testing and threat hunting are often incorrectly equated. However, the difference between the two is that between prevention and detection. 

HP Wolf Security threat research team sees cybercriminals using legitimate cloud providers to host malware, and switching up file and script types to evade detection tools.

School budgets have been set for the 2021/2022 school year, policies and procedures have been updated, staffing levels have been established, and security solutions have been deployed into this dynamic environment. Here, we consider adjustments that can be made to deployed controls so that children and school staff remain safe in both hybrid and remote learning environments.

Throughout the past two years, supply chain professionals have experienced the national and international disruptions that can occur as a result of cyberattacks, with some threats completely halting certain sectors. 

Randori released a report that identifies the most tempting internet-exposed assets that an attacker is likely to go after.

While the appeal of taking action against an attacker is easy to see, private sector hack back is a very bad idea. We encourage organizations to employ active defense techniques, but limit these to assets you own or operate. Hack back raises a number of concerns, as detailed here..