‍The power of an on-demand cyber risk quantification (CRQ) platform lies in its ability to harness an extensive amount of data, filter it, and consequently produce an objective assessment that offers key stakeholders an understanding of how likely their organization is to experience certain cyber events, along with the respective financial losses.

A wave of cheap, crude, amateurish ransomware has been spotted on the dark web - and although it may not make as many headlines as LockBit, Rhysida, and BlackSuit, it still presents a serious threat to organizations.

Dive into our highlights from HackSpaceCon 2024, covering red teaming, AI, and securing critical infrastructure to prepare for ever-evolving cyber threats.

Hackers love to trick employees into wiring them money using emails that look legitimate. Here's what you need to know about business email compromise scams.

The average cost of a cyberattack in the United States is 9.5 million. With over 60% of businesses going bankrupt after experiencing a severe data breach, robust security measures to safeguard organizations’ digital assets and operations are urgently needed. A powerful tool gaining significant traction in addressing these challenges is Security Information and Event Management (SIEM).

In recent years, breach and attack simulation (BAS) has gained significant traction among enterprises, emerging as a crucial component in fortifying proactive security by automating the ongoing testing of threat vectors. It empowers organizations to verify potential threats, enhance security controls, identify vulnerabilities in critical assets, and prioritize remediation efforts to bolster cyber resilience.

It's an undeniable truth that significant differences exist across many facets of life. Sports figures like LeBron James and Michael Jordan possess exceptional talent, which has propelled them to accomplish feats that defy human capability. Jeff Bezos and Elon Musk's extraordinary business achievements make them the epitome of success and a source of inspiration for many. These examples underscore a crucial point: Some things are just better than others.

Reading this recent Wall Street Journal article about Apple’s push to drive adoption of their Vision Pro “spatial computers” in the enterprise got me thinking: Can VR headsets really make the leap from a cool gadget to a serious business tool? The potential is exciting—imagine the possibilities for collaboration and training. But then my security-focused brain kicked in. How do we manage the risks that come with introducing these powerful devices into the workplace?

Over the past twenty years, I have navigated a unique journey through the cybersecurity landscape. My path has taken me from the realms of hacking and academia into the heart of threat intelligence (TI), culminating in my current role. Since I joined Cato in 2021, I’ve been leading security strategy and am proud to share the culmination of Cato’s research efforts in Cyber Threat Research Lab (Cato CTRL), our cyber threat research team.

Not too long ago, when I was designing, building, operating and defending networks, the government organizations I worked with were burdened with many tasks related to deploying a new capability. We needed to decide and plan how it would be assessed and authorized, deployed, maintained, operated, patched, defended and, of course, when and how to upgrade the capability. Assessment and authorization would take months, if not over a year, for a system or set of capabilities.