Operating an effective SOC requires overcoming a wide range of challenges. Often, security teams have too many disparate tools to manage, too many alerts to make sense of, and too many data sources that prevent the team from achieving full visibility. All these hurdles can make it difficult for your SOC analysts to identify and quickly respond to suspicious behavior and indicators of compromise.

If your company works with the US Department of Defense (DoD) as a contractor or subcontractor, you will need to prepare to meet CMMC requirements in order to successfully bid on and win contracts. This recent development has been a significant adjustment for small organisations who wish to work with or continue working with the DoD.

Windows 11 is the most secure Windows version to date. Microsoft's new operating system is now available, after learning several lessons from its predecessor. The Redmond company states that the widespread use of hybrid and remote work environments during the pandemic opened the door to a host of threats, with Windows vulnerabilities exploited by hackers, such as the incidents with Specter and Meltdown.

It was 4:00 in the morning, May 20, 2021. Matthew Day, CIO of Langs Building Supplies (Langs) was excited for a long-anticipated holiday after 14 months of lockdown due to COVID-19. His wife was thrilled. His friends, ecstatic. But the day took an unexpected turn. Instead of waking up delighted to leave for his getaway, Day woke up to every CIO’s worst nightmare, the dreaded phone call: “We’ve been hacked.”

TL;DR: Accompanying today’s announcement from CISA (BOD 22-01) and their new Known Exploited Vulnerabilities Catalog, SURGe and Splunk Threat Research Team (STRT) have coordinated to add functionality into Enterprise Security Content Updates (ESCU). This added functionality will help network defenders understand vulnerability context alongside relevant ESCU detections.

While threat actors continue to vary attack methods, these 10 essential cyber security controls can significantly improve your security posture, therefore making it harder for cyber criminals to compromise your network and increasing your opportunities for cyber insurance coverage.

Looking back at the past year, there have been some downright spooky trends facing cyber security professionals. Ransomware attacks have skyrocketed, impacting organizations from healthcare to critical infrastructure to the suppliers of MSP suppliers and everyone in between. APT crews and criminal gangs have taken advantage of the pandemic that pushed everyone to remote work, making 2020/2021 the year that bad cybersecurity preparedness came home to roost.

Reciprocity® Risk Intellect is a new risk-analysis tool that, when used with the Reciprocity ZenGRC® platform, provides insight on the impact your compliance programs have on your cyber risk posture. By mapping your current compliance control assessments to cyber risks, it provides immediate context and visibility into which cyber risks and controls offer the greatest opportunity for reducing risk.

Cybercrime can take many forms, and the criminals behind such attacks work with increasing sophistication — even to the point that some companies may, unwittingly, be helping criminals launch attacks against other organizations. For example, botnets are an organized network of infected devices at a hacker’s disposal, which the hacker then uses to carry out cybercrime schemes by harnessing resources available to the bots on the system.