Ransomware: To pay or not to pay, that is the question

paying ransomware

State of the ransomware attack. The good, the bad and the ugly… In some ways, the devastating ransomware attacks of the last two years have empowered security officers to obtain the budgets they need to upgrade their organizations’ cybersecurity preparedness and establish more robust security programs to cover people, technology, and procedures. The brazen nation-state […]

The 5 Core Cybersecurity Elements for an Effective CISO Strategy

cybersecurity strategy

There is no “one size fits all” with CISO strategies for cybersecurity Over the last six months, we have seen an escalation in the number of reported cyberattacks, in their range, sophistication and in their long-lasting impact on businesses such as the Colonial Pipeline attack, and SolarWinds to name just two. These events obviously highlight […]

The 20-Year Evolution of Nation-State Grade Cyber Attacks and Its Impact on Enterprises Today

nation-state cyberattack evolution

Gone are the days when nation-state-grade cyberattacks were the exclusive activity of state actors against state targets. Today, the situation has shifted. State actors still dominate nation-state-grade cyberattacks, but increasingly, non-state attackers purchasing nation-state-grade cyberattack tools on the Darknet, are also leading cyberattacks against private enterprises and even targeting private citizens. The trend for attacks […]

Why Should Nation-State Grade Attacks Be The Focal Point of Your Cybersecurity Strategy?

nation-state attacks

Anatomy of a nation-state grade attack The 2020 Solar Winds attack, believed to have been launched by Russia’s Cozy Bear (AKA APT29), a Russian hacker group reputedly associated with Russian agencies such as FSB and/or SVR, was a nation-state grade attack. It stealthily “trojanized” an update of SolarWinds’ Orion, an infrastructure monitoring and management software […]

What are the keys to a successful cybersecurity strategy? Our CEO Ran Shahor Explains All

cybersecurity strategy interview

According to Ran Shahor, CEO and co-founder of HolistiCyber, a successful cybersecurity strategy should start with a detailed plan. This should place your business requirements, budget, and security posture at the forefront of any other decisions you make to keep your company assets and data secured.  How do you build your strategy? Well, for starters, […]

Russian Cyber Threat Defense – Now and Looking Forward

Russian Cyber

Despite the perceived breakneck pace of change since the start of the pandemic, many aspects of life remained the same. In 2017 a US Director of Intelligence paper explained how software supply chain attacks “circumvent traditional cyber defenses to compromise software to enable successful, rewarding, and stealthy methods to subvert large numbers of computers through a […]

Key Factors Underlying Third-Party Risk Management

third party risk management

The shift from office-based work to working from home that characterized 2020’s adaptation to COVID-19 lockdowns, has seen soaring digital risks stemming from mishandled third-party risk management. This at a time where reliance on third-party service providers is so pervasive that the Institute of Collaborative Working estimates that up to 80 percent of direct and […]

9 Elements Required for an Effective Third Party Risk Management Framework

third-party risk

The increasing reliance on third-party vendors has opened a set of risks that requires a new approach to implementing efficient Third-Party Risk Management (TPRM). Third-party vendors such as payment gateways, web plugins, email servers, and countless others typically work with multiple companies at a time. Consequently preventing the next supply-chain attack before the vendor’s exploit […]

We use cookies to provide the services and features offered on our website, and to improve our user experience.