The 12 Days of Security

We are all familiar with the (verrrrrry long) holiday favorite 12 Days of Christmas. While security goes WELL beyond 12 days, we wanted to share 12 of our resources to help you in your cyber defense journey this holiday season. A Weekly Cyber Breakdown Every week our team uses an AI engine to pull the […]

SolarWinds: Preventing and Hunting other MSP Attacks

solarwinds MSP breach supply chain

The SolarWinds breach has again exposed the trusted supply chain as a favored method of cyber-attack. Nation-state level threat actors compromised its software updates in order to rollout backdoor access among its customer base. The network management and monitoring powerhouse has upwards of 300,000 customers across enterprise and government, so the potential fallout from this […]

Red Team vs. Blue Team: Discussing the Divide

red team blue team purple team

Peter Cohen, Managing Director, EMEA Red vs Blue – most people in cybersecurity agree that the gap between the two sides of the industry remains vast. Red-teams work with potent combinations of creativity, training, research, and industry kudos. This is just as well if they are to replicate the kind of attacks seen in the […]

FireEye Breach: What to Know

fireye fireeye security infosec breach

Who is FireEye? FireEye provides cybersecurity products (endpoint and network) to detect and prevent against advanced threats. A few years ago FireEye bought Mandiant, one of the world’s premier cybersecurity consultancies, particularly in Incident Response. Together, the product and consulting business has had success worldwide and has several government contracts including in the US. What […]

Bringing Security into Compliance

Security teams are already overwhelmed with keeping up with threats and protecting the network and the data that flows within it. Especially when working in a highly regulated industry such as finance, healthcare, or utilities, it can be a real challenge to keep up with all the changes in regulation. What’s wrong with compliance? We […]

The State of the Nation: Incident Report in the U.K.

uk data breach report

“Phishing incidents are up 56% between 2019 and 2020, and hardware/software misconfigurations are up 44%.” We are all familiar with the Verizon Data Breach Report: it’s a guidebook on where the cyber world is with incidents globally. While this is an invaluable asset to the industry each part of the world has their own nuances […]

Crafting an Effective Risk Register

pen signing

Risk is much more than a report shown to the board every quarter. It’s a major point of discussion for any CISO regardless of industry, and not just on the mitigation side. The ability to effectively assess risk is a critical part of any program – but it has to be done realistically. The Challenges […]

Social Engineering: Training your way around the threat

checkmate board

Why is social engineering one of the most widely discussed topics in security? Because it’s one of the most effective offensive tactics, and an inherently human discussion. It’s a concept that is easily understood because it largely plays on emotion. Whether it be fear, compassion, or anger that is used, we can fundamentally understand why […]

9 Tips for Fighting Ransomware

hand on keyboard

Several recent high-profile ransomware attacks have caused organizations to take a closer look at their ability to deal with such an incident. The stakes could scarcely be higher, as ransomware attacks executed by human operators are targeted to bring down global production lines and deny access to business systems – while stealing and then encrypting […]

Has COVID-19 affected your cybersecurity budgets?

budget covid infosec cybersecurity budgets

We ran a survey of cybersecurity professionals on what effect COVID-19 is having on their resources. We found out some interesting facts we would like to share with you. Budgets Over 76% of the respondents said their cybersecurity budgets will increase or that they don’t anticipate them to change. Almost a quarter of them are […]