MyCISO
MyCISO Service Implementing targeted security strategies to secure your assets Contact Us Solution Brief Overview Today, it is as easy to purchase a piece of malware off the Darknet as it is to shop for a toothbrush. There is tremendous commercial collaboration amongst cyber offenders. They share knowledge and cyber-attack tooling easily and anonymously. This […]
The 5 Core Cybersecurity Elements for an Effective CISO Strategy
There is no “one size fits all” with CISO strategies for cybersecurity Over the last six months, we have seen an escalation in the number of reported cyberattacks, in their range, sophistication and in their long-lasting impact on businesses such as the Colonial Pipeline attack, and SolarWinds to name just two. These events obviously highlight […]
The 20-Year Evolution of Nation-State Grade Cyber Attacks and Its Impact on Enterprises Today
Gone are the days when nation-state-grade cyberattacks were the exclusive activity of state actors against state targets. Today, the situation has shifted. State actors still dominate nation-state-grade cyberattacks, but increasingly, non-state attackers purchasing nation-state-grade cyberattack tools on the Darknet, are also leading cyberattacks against private enterprises and even targeting private citizens. The trend for attacks […]
Why Should Nation-State Grade Attacks Be The Focal Point of Your Cybersecurity Strategy?
Anatomy of a nation-state grade attack The 2020 Solar Winds attack, believed to have been launched by Russia’s Cozy Bear (AKA APT29), a Russian hacker group reputedly associated with Russian agencies such as FSB and/or SVR, was a nation-state grade attack. It stealthily “trojanized” an update of SolarWinds’ Orion, an infrastructure monitoring and management software […]
Recent Nation-State Grade Attacks Are a Wake-Up Call for Many Organizations to Improve Cyber Defenses
The Awakening and What’s Behind President Joe Biden’s Executive Order on Cybersecurity There has never been a more opportune time to implement a pro-active cyber-defense strategy against Nation-State grade level threats for both the public and the private sectors in the US. The recent wave of cyber-offenses on government entities, utilities, and businesses have finally […]
What are the keys to a successful cybersecurity strategy? Our CEO Ran Shahor Explains All
According to Ran Shahor, CEO and co-founder of HolistiCyber, a successful cybersecurity strategy should start with a detailed plan. This should place your business requirements, budget, and security posture at the forefront of any other decisions you make to keep your company assets and data secured. How do you build your strategy? Well, for starters, […]
Russian Cyber Threat Defense – Now and Looking Forward
Despite the perceived breakneck pace of change since the start of the pandemic, many aspects of life remained the same. In 2017 a US Director of Intelligence paper explained how software supply chain attacks “circumvent traditional cyber defenses to compromise software to enable successful, rewarding, and stealthy methods to subvert large numbers of computers through a […]
Key Factors Underlying Third-Party Risk Management
The shift from office-based work to working from home that characterized 2020’s adaptation to COVID-19 lockdowns, has seen soaring digital risks stemming from mishandled third-party risk management. This at a time where reliance on third-party service providers is so pervasive that the Institute of Collaborative Working estimates that up to 80 percent of direct and […]
9 Elements Required for an Effective Third Party Risk Management Framework
The increasing reliance on third-party vendors has opened a set of risks that requires a new approach to implementing efficient Third-Party Risk Management (TPRM). Third-party vendors such as payment gateways, web plugins, email servers, and countless others typically work with multiple companies at a time. Consequently preventing the next supply-chain attack before the vendor’s exploit […]
9 Tips for Fighting Ransomware
Several recent high-profile ransomware attacks have caused organizations to take a closer look at their ability to deal with such an incident in advance, and fighting ransomware if an instance occurs. The stakes could scarcely be higher, as ransomware attacks executed by human operators are targeted to bring down global production lines and deny access […]
