The speed at which security operations are processed and data is consumed is moving at a dazzling pace. This is why flexibility, customizability, and user-friendliness are deemed as core pillars of next-gen security solutions. And it is exactly what Cloud SOAR’s Open Integration Framework is all about.

Talk to cybersecurity experts about cybercrime on their network, and they will mention malicious activity like scans, attacks, events, and incidents. Probably at some point, they will slip into geek-speak with a vast array of confusing acronyms and jargon while explaining tactics and techniques by referencing infamous attacks, Internal protocols, and industry shorthand.

Today’s complex cyber threats leave no room for mediocrity. Security analysts must know who is attacking them, how the attacker gained access, what methods they used to infiltrate your systems, and what their next move might be. However, modern cyber threats leave no recognizable patterns in their behavior, making threat anticipation harder than ever. To boost their threat hunting capabilities, SOC teams must implement advanced technologies and strategic techniques.

A selection of this week’s more interesting vulnerability disclosures and cyber security news. For a daily selection see our twitter feed at #ionCube24. Claims of a new method to stash malware in parts of a system where no code has gone before has raised a few comments that, no, this is not new. As usual I’m sure we will see…

In today’s fast-paced cyber threat landscape, it is not a question of IF but WHEN an organization is going to get breached. And in order to prepare in a preemptive manner, organizations should strive to minimize their attackers’ dwell time as much as possible. This is why metrics such as MTTR (Mean time to respond) and MTTD (Mean time to detect) have grown to be highly relevant in the cybersecurity industry.

Most ransomware groups operating in the RaaS (Ransomware-as-a-Service) model have an internal code of ethics that includes avoiding breaching some specific sectors, such as hospitals or critical infrastructure, thus avoiding great harm to society and consequently drawing less attention from law enforcement.

What would you do when a security incident is detected? Shut down the servers? Pull out the power cord from the data center? When an incident is detected, both the incident method and the time required to contain an incident are essential to limit the damage. The slower you are to react, the more damage an incident would incur. And a service downtime to contain an incident can cost businesses even more than a security incident itself.

The Digital Operations Resilience Act (DORA) is the European Union’s attempt to streamline the third-party risk management process across financial institutions. A draft of DORA was published by the European Commission on 24 September 2020. Without this act, there isn't an objective Information and Communication Technology (ICT) risk management standard in Europe.

No organization is impervious to cyberattacks. But what separates resilient businesses from data breach victims is superior risk management. Resilience is achieved through the meticulous calculation of all potential risks and the application of necessary control measures to mitigate them. In this post, we present a 4-step framework for a reliable risk management plan.