Weekly Cyber Breakdown

With so much information out there it’s good to know what is top of mind for other industry professionals. We’ll be updating this blog on a weekly basis with the top 10 articles and newsworthy topics in cybersecurity. This is a repository of top trends based on what industry leaders have been discussing most. Think […]

5 Core Elements of an Effective Cybersecurity Strategy for CISOs

cybersecurity strategy

There is no “one size fits all” when it comes to cybersecurity. Over the last six months, we have seen an escalation in the number of reported cyberattacks, in their range, sophistication and in their long-lasting impact on businesses such as the Colonial Pipeline attack, and SolarWinds to name just two. These events obviously highlight […]

The 20-Year Evolution of Nation-State Grade Cyber Attacks and Its Impact on Enterprises Today

cybersecurity

Gone are the days where nation-state-grade cyberattacks were the exclusive activity of state actors against state targets. Today, the situation has shifted. Nation-state-grade cyberattacks are still dominated by state actors, but increasingly, non-state attackers purchasing nation-state-grade cyberattack tools on the Darknet, are also leading cyberattacks against private enterprises and even targeting private citizens.    Nation-state-grade […]

Why Should Nation-State Grade Attacks Be The Focal Point of Your Cybersecurity Strategy?

nation-state attacks

Anatomy of a nation-state grade attack The 2020 Solar Winds attack, believed to have been launched by Russia’s Cozy Bear (AKA APT29), a Russian hacker group reputedly associated with Russian agencies such as FSB and/or SVR, was a nation-state grade attack. It stealthily “trojanized” an update of SolarWinds’ Orion, an infrastructure monitoring and management software […]

What are the keys to a successful cybersecurity strategy? Our CEO Ran Shahor Explains All

According to Ran Shahor, CEO and co-founder of HolistiCyber, a successful cybersecurity strategy should start with a detailed plan. This should place your business requirements, budget, and security posture at the forefront of any other decisions you make to keep your company assets and data secured.  How do you build your strategy? Well, for starters, […]

Russian Cyber Threat Defense – Now and Looking Forward

Russian Cyber

Despite the perceived breakneck pace of change since the start of the pandemic, many aspects of life remained the same. In 2017 a US Director of Intelligence paper explained how software supply chain attacks “circumvent traditional cyber defenses to compromise software to enable successful, rewarding, and stealthy methods to subvert large numbers of computers through a single […]

Key Factors Underlying Third-Party Risk Management

third party risk management 2

The shift from office-based work to working from home that characterized 2020’s adaptation to COVID-19 lockdowns, has seen soaring digital risks stemming from mishandled third-party risk management. This at a time where reliance on third-party service providers is so pervasive that the Institute of Collaborative Working estimates that up to 80 percent of direct and […]

9 Elements Required for an Effective Third Party Risk Management Framework

Third Party Risk

The increasing reliance on third-party vendors has  opened a set of risks that requires a new approach to implementing efficient Third-Party Risk Management (TPRM). Third-party vendors such as payment gateways, web plugins, email servers, and countless others typically work with multiple companies at a time. Consequently preventing the next supply-chain attack before the vendor’s exploit […]

Defend Like an Attacker: 4 Required Approaches

hand on a laptop

Brig. General Ran ShahorCEO and Co-Founder, HolistiCyber Our CEO and Co-Founder, Brigadier General (Ret.) Ran Shahor  (pictured on the left) was recently featured in Security Magazine relaying his extensive knowledge around nation-state attackers and how to defend against them. Despite the cliché “an attacker doesn’t care about your compliance” it is sadly still how aspects […]