Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest Posts

0-Days are on the Rise and that Means a Lot More Work for SOC Teams

In a recent report by the incident response giant Mandiant, which was purchased by Google in March, their researchers found that 2021 was a record year for the total number of 0-day vulnerabilities disclosed and exploited. According to their findings, their team identified some 80 0-days exploited in the wild. At the same time, Google Project Zero researchers reported the detection and disclosure of 58 0-days.

3 Tips for Mitigating the Insider Threat Facing Government Organizations

Verizon’s Data Breach Investigation Report for 2022 (DBIR) was recently released and it has some good news and it has some bad news when it comes to the risk of insider attacks. First the good news, sort of. According to the DBIR, the vast majority of breaches continue to come from external actors (80% vs 18% of insiders). Hopefully we can be a little less suspicious of Bob who sits two offices down from you. However when an insider attack happens, it can be really, really destructive.

From Behavior Analytics to Security Education: 4 Ways Organizations Should Mitigate Modern Insider Attacks

While the stakes for private sector organizations differ drastically from governments that have to protect state secrets like hacking tools or nuclear technologies, businesses do have their own needs for Data Loss Prevention measures. Organizations can face the threat of data like their intellectual property (IP), source code, customer details, Personally Identifiable Information (PII), financial info, and many other types of information being stolen or corrupted.

Training Will Be Key to Retaining SOC Analysts

Working in a Security Operations Center (SOC) is like working in an emergency room on a weekend shift at 2 AM. The steady stream of new alerts screaming for attention and combined with the lack of enough trained personnel make it a miracle that it all seems to work through on a string and a prayer. The question is though, when will the luck run out?

How to Reduce the Risk of Former Employees Coordinating with Insider Threats

When it comes time for an employee to leave your organization, you want it to be on friendly terms. But there are definitely limits to how friendly you want folks to be after they leave. Especially when it comes to accessing materials from their old position for their new endeavors. In a recent bizarre case, it was reported that a former acting Department of Homeland Security Inspector General has pleaded guilty to stealing government software and data for use in his own product.

Cybersecurity Trends for 2022: Why Staying Ahead of the Threat Has Never Been So Critical

2021 was a devastating year for cybersecurity. As business accelerated digital adoption and people played out their lives online, threat actors were ready to capitalize on the transitional moment, savagely targeting everything from critical health infrastructure to small and medium-sized businesses. By Q4 of 2021, the number of reported data breaches had already surpassed 2020 totals, which were historic in their own right.

Four Insider Threats Putting Every Company At Risk

Few concerns keep business leaders up at night like the threat of a cybersecurity incident. With the average cost of a data breach exceeding $4 million for the first time and public sentiment, regulatory requirements and practical functionality firmly against companies that can’t protect their digital landscape, many leaders are reprioritizing cybersecurity in response to this increasingly urgent reality.

3 Tips for Negotiating Permanent Flexible Work Status

It’s finally happening. More than a year after embarking on “the world’s largest work-from experiment,” many businesses are bringing people back to the office. For some, this is excellent news. They’ve been looking forward to highway commutes, in-person meetings, and always valuable watercooler talk. These people are in the minority.

The Attack is Coming from Inside the House | The Insider Threat Persists

Looking back at the past year, there have been some downright spooky trends facing cyber security professionals. Ransomware attacks have skyrocketed, impacting organizations from healthcare to critical infrastructure to the suppliers of MSP suppliers and everyone in between. APT crews and criminal gangs have taken advantage of the pandemic that pushed everyone to remote work, making 2020/2021 the year that bad cybersecurity preparedness came home to roost.

Guarding Against The Human Element: How Insider-Threat Trends Should Guide Cybersecurity Policy

The number of data breaches has increased every year for more than a decade. Each incident costs companies time, money and resources to repair while inflicting often-irreparable damage to their brand reputation and customer loyalty. This reality only became more apparent during the recent pandemic as threat actors capitalized on the moment’s disruption and uncertainty to wreak havoc on our digital environments. In 2021, the number of data breaches is already on pace to reach a new record high.