Key Factors Underlying Third-Party Risk Management

third party risk management

The shift from office-based work to working from home that characterized 2020’s adaptation to COVID-19 lockdowns, has seen soaring digital risks stemming from mishandled third-party risk management. This at a time where reliance on third-party service providers is so pervasive that the Institute of Collaborative Working estimates that up to 80 percent of direct and […]

9 Elements Required for an Effective Third Party Risk Management Framework

third-party risk

The increasing reliance on third-party vendors has opened a set of risks that requires a new approach to implementing efficient Third-Party Risk Management (TPRM). Third-party vendors such as payment gateways, web plugins, email servers, and countless others typically work with multiple companies at a time. Consequently preventing the next supply-chain attack before the vendor’s exploit […]

9 Tips for Fighting Ransomware

fighting ransomware

Several recent high-profile ransomware attacks have caused organizations to take a closer look at their ability to deal with such an incident in advance, and fighting ransomware if an instance occurs. The stakes could scarcely be higher, as ransomware attacks executed by human operators are targeted to bring down global production lines and deny access […]

Defend Like an Attacker: 4 Required Approaches

cyber attacker

Brig. General Ran ShahorCEO and Co-Founder, HolistiCyber Our CEO and Co-Founder, Brigadier General (Ret.) Ran Shahor  (pictured on the left) was recently featured in Security Magazine relaying his extensive knowledge around nation-state cyber attackers and how to defend against them. Despite the cliché “an attacker doesn’t care about your compliance” it is sadly still how […]

Utilities and Cybersecurity: Keeping the Lights On – Both On and Offline

utilities cybersecurity

Utilities have a very unique challenge in the cyber arena. You are not only responsible for keeping up with the evolving threats that plague other organizations, but also keeping people’s lifelines open. Just look at what is happening in Texas right now. Thousands of people are without power and water in the middle of a […]

Google TAG team reports: Nation-State attacks can happen to anyone

Early last week Google’s Threat Analysis Group (TAG) posted a blog outlaying a nation-state attack targeting security researchers. Using social engineering and social media these threat actors were able to create “credibility” within the industry. They claimed false credit for vulnerabilities and interacted with researchers under the guise of wanting to “collaborate” with them on new […]

Cyber Threats in 2021: What to watch out for

watch for cyber threats

December 2020 was a massive month in cybersecurity. Between SolarWinds, FireEye, and Microsoft, every cyber professional was on edge, and we can expect to see our fair share of notable cyber threats this year as well. So what can we do about it? Our nation-state grade cyber defense experts pulled their heads together to bring […]

The 12 Days of Security


We are all familiar with the (verrrrrry long) holiday favorite 12 Days of Christmas. While security goes WELL beyond 12 days, we wanted to share 12 of our resources to help you in your cyber defense journey this holiday season. A Weekly Cyber Breakdown Every week our team uses an AI engine to pull […]

SolarWinds: Preventing and Hunting other MSP Attacks

solarwinds MSP breach supply chain

The SolarWinds breach has again exposed the trusted supply chain as a favored method of cyber-attack. Nation-state level threat actors compromised its software updates in order to rollout backdoor access among its customer base. The network management and monitoring powerhouse has upwards of 300,000 customers across enterprise and government, so the potential fallout from this […]

Discussing the Divide in Red Team vs. Blue Team Scenarios

red team vs blue team

Peter Cohen, Managing Director, EMEA Red Team vs Blue Team– most people in cybersecurity agree that the gap between the two sides of the industry remains vast. Red-teams work with potent combinations of creativity, training, research, and industry kudos. This is just as well if they are to replicate the kind of attacks seen in […]

We use cookies to provide the services and features offered on our website, and to improve our user experience.