Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

AT&T Cybersecurity

Building trust in a Zero-Trust security environment

Despite years of industry efforts to combat insider threats, malicious behavior can still sometimes be difficult to identify. As organizations work towards building a corporate cyber security culture, many have begun looking into zero-trust architectures to cover as many attack surfaces as possible. This action is a step in the right direction, but it also has the potential to raise fears and generate negative responses from employees.

Challenges that impact the Cybersecurity talent pipeline

Cyberattacks are alarming, and establishments must increase protections, embrace a layered attitude, and cultivate security-conscious users to combat growing concerns. Cybersecurity leaders are being inundated with talent development resources offered, encompassing hiring, recruitment, and retention of the talent pipeline. Fifty percent of hiring managers typically deem that their candidates aren’t highly qualified.

Stories from the SOC - Persistent malware

One of the most prevalent threats today, facing both organizations and individuals alike, is the use of ransomware. In 2021, 37% of organizations said they were victims of some type of ransomware attack. Ransomware can render large amounts of important data inaccessible nearly instantly. This makes reacting to potential ransomware events in a timely and accurate manner extremely important. Utilizing an endpoint security tool is critical to help mitigate these threats.

How to counter smart home device breaches

This blog was written by an independent guest blogger. Businesses that allow employees to work from home are more likely to encounter a new security threat — compromised smart home devices. Smart technology connected to an employee’s home network, like smart thermostats, appliances, and wearables, can all fall victim to hackers. Workers that join their employer’s network remotely can unwittingly allow compromised devices to open the doors to hackers.

What to look for in a vCISO as a service

“Approximately 64% of global CISOs were hired from another company” according to the 2021 MH Global CISO Research Report. The reasons are because of talent shortages, the role is still new to some companies, and companies have not created a succession plan to support internal promotions. To overcome these challenges, companies can look to Virtual Chief Information Security Officer (vCISO) or a vCISO as a service provider.

Cybersecurity and resilience: board-level issues

Resilience means more than bouncing back from a fall at a moment of significantly increased threats. When addressing resilience, it’s vital to focus on long-term goals instead of short-term benefits. Resilience in the cybersecurity context should resist, absorb, recover, and adapt to business disruptions.

How and why you should secure APIs

APIs are a crucial tool in today’s business environment. Allowing applications to interact and exchange data and services means that companies can provide an ever-greater range of features and functionalities to their clients quickly and easily. So, it is no wonder that a quarter of businesses report that APIs account for at least 10% of their total revenue - a number that will only increase in coming years.

Analysis on recent wiper attacks: examples and how wiper malware works

Wiper’s main objective is to destroy data from any storage device and make the information unavailable (T1485). There are two ways of removing files, logical and physical. Logical file removal is the most common way of erasing a file, performed by users daily when a file is sent to (and emptied from) the Recycle bin, or when it is removed with the command line or terminal with the commands del/rm.

Endpoint security and remote work

Remote work is the new reality for companies of all sizes and across every industry. As the majority of employees now perform their job functions outside the technology ecosystem of their local office, the cybersecurity landscape has evolved with the adoption of terms such as Zero Trust and Secure Services Edge (SSE).