The 12 Days of Security

holidays

We are all familiar with the (verrrrrry long) holiday favorite 12 Days of Christmas. While security goes WELL beyond 12 days, we wanted to share 12 of our resources to help you in your cyber defense journey this holiday season. https://youtu.be/sdJq7sUPgP8 A Weekly Cyber Breakdown Every week our team uses an AI engine to pull […]

SolarWinds: Preventing and Hunting other MSP Attacks

solarwinds MSP breach supply chain

The SolarWinds breach has again exposed the trusted supply chain as a favored method of cyber-attack. Nation-state level threat actors compromised its software updates in order to rollout backdoor access among its customer base. The network management and monitoring powerhouse has upwards of 300,000 customers across enterprise and government, so the potential fallout from this […]

Red Team vs. Blue Team: Discussing the Divide

red team vs blue team

Peter Cohen, Managing Director, EMEA Red Team vs Blue Team– most people in cybersecurity agree that the gap between the two sides of the industry remains vast. Red-teams work with potent combinations of creativity, training, research, and industry kudos. This is just as well if they are to replicate the kind of attacks seen in […]

FireEye Breach: What to Know

fireeye security infosec breach

Who is FireEye? FireEye provides cybersecurity products (endpoint and network) to detect and prevent against advanced threats. A few years ago FireEye bought Mandiant, one of the world’s premier cybersecurity consultancies, particularly in Incident Response. Together, the product and consulting business has had success worldwide and has several government contracts including in the US. What […]

Bringing Security into Compliance

security compliance

Security teams are already overwhelmed with keeping up with threats and protecting the network and the data that flows within it. Especially when working in a highly regulated industry such as finance, healthcare, or utilities, it can be a real challenge to keep up with all the changes in regulation. What’s wrong with compliance? We […]

The State of the Nation: Incident Report in the U.K.

uk data breach report

“Phishing incidents are up 56% between 2019 and 2020, and hardware/software misconfigurations are up 44%.” We are all familiar with the Verizon Data Breach Report: it’s a guidebook on where the cyber world is with incidents globally. While this is an invaluable asset to the industry each part of the world has their own nuances […]

Crafting an Effective Risk Register

cybersecurity risk register

Risk is much more than a report shown to the board every quarter. It’s a major point of discussion for any CISO regardless of industry, and not just on the mitigation side. The ability to effectively assess risk is a critical part of any program – but it has to be done realistically. The Challenges […]

Social Engineering: Training your way around the threat

social engineering

Why is social engineering one of the most widely discussed topics in security? Because it’s one of the most effective offensive tactics, and an inherently human discussion. It’s a concept that is easily understood because it largely plays on emotion. Whether it be fear, compassion, or anger that is used, we can fundamentally understand why […]

Has COVID-19 affected your cybersecurity budgets?

cybersecurity budget

We ran a survey of cybersecurity professionals on what effect COVID-19 is having on their resources. We found out some interesting facts we would like to share with you. Budgets Over 76% of the respondents said their cybersecurity budgets will increase or that they don’t anticipate them to change. Almost a quarter of them are […]

The Coronavirus Cyber Doc Diagnosis: Work from Home

coronavirus cyber

The COVID-19 scare has more people than ever are working at home. While this isn’t a new trend, it is affecting people on a much more massive scale now in light of the current health frenzy. The giants have taken heed: Amazon, Facebook, Google, Microsoft among others have all disseminated their office workers in specific […]