A long time ago (in the early 2000s), I was playing games online. One of my accounts was compromised – the password was changed, and multiple “high-priced” items I had earned were “traded” without my knowledge, to the account of another player. One could easily blame my simple password at that time when there were no rules around password strength. Regardless of the reason, what happened was one of the earliest versions of an account takeover (ATO) attack.
For our latest specialist interview in our series speaking to technology leaders from around the world, we’ve welcomed Charles Denyer. Charles is an Austin-based cybersecurity and national security expert who has worked with hundreds of US and international organizations. He is a founding member and senior partner in two consulting and compliance firms.
Ransomware has become an annual event for many organizations, costing them millions in lost productivity and revenue. While there have been some notable successes in fighting off this threat, the industry as a whole must continue strengthening its resolve in order to safeguard against future attacks. Part of this can come down to recognizing the role that users and employees play in fighting off these attacks and providing them with info and tools they need to help reduce risks.
Cyber attacks, like the pandemic that has spurred the rise in incidents, have been relentless. Over the past eight months, there has been a significant escalation as the sophistication of these attacks has risen. Hackers are going after key vendors, allowing them to target wide swaths of valuable victims like we have seen in the attacks on SolarWinds, Microsoft Exchange, Colonial Pipeline, and more recently, MSP software provider Kaseya.
“We are honored to have our ZenGRC platform recognized with four G2 Fall 2021 Grid Report badges: Leader, Momentum Leader, Mid Market Leader, and Users Love Us,” said Jenny Victor, Vice President of Marketing at Reciprocity.
Companies list governance, risk, and compliance (GRC) as a top priority, but “doing GRC” isn’t easy. It takes time, effort and a strategy – and starting is usually the hardest part. So, in the first of our Back to Basics blogs, we’re going to focus on where every compliance and risk practitioner should start when building a GRC program: selecting the compliance frameworks which will form the foundation of your GRC program…
“What happened?” If you’ve never uttered those words, this blog isn’t for you. For those of us in cybersecurity, this pint-sized phrase triggers memories of unforeseen security incidents and long email threads with the CISO. What happened to those security patches? Why didn’t we prevent that intrusion? Organizations tend to lean towards protecting their borders and less towards understanding the importance of overall security hygiene.
This article is the first in our series on the Science Behind Cyber Security. Cyber security is often seen as a bit like the wild west, where it’s difficult to differentiate genuine solutions from snake oil. You can counter this by applying a scientific approach to scrutinise your planned cyber investments. As a buyer, you can find reassurance in the science and logic of a solution.
