Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Cybersecurity is never boring. In recent months, we’ve seen major cyberattacks on Las Vegas casinos and expanded SEC cybersecurity disclosure rules are top of mind. Is it any wonder we consistently recommend taking a proactive approach to secure your environment with a defense-in-depth strategy and appropriate monitoring? News outlets reported the recent compromise at the Identity and Authentication (IAM) firm, Okta.

As cloud computing continues to expand with no end in sight, it’s only wise to invest in it. Infrastructure-as-a-Service, Platform-as-a-Service and Software-as-a-Service bring significant cost savings (personnel and ownership), improved performance, better reliability, freedom to scale and significant security benefits. It’s no wonder many businesses have already adopted all three of these models.

For folks who are responsible for threat detection of any kind for their organizations, the cloud can often be a difficult area to approach. At the time of writing, Amazon Web Services contains over two hundred services, while the Azure cloud offers six hundred. Each of these services can generate unique telemetry and each surface can present defenders with a unique attack path to handle. Adding to this complexity is the diversity of cloud workload configurations, as well as varying architecture models.

For many years, hackers and cybercriminals have used social engineering techniques to gain unauthorized access to confidential information. It is easy to predict that these attacks will continue to advance in sophistication and frequency. Whether they are using AI to create better lures or cyber criminals are just getting more adept at exploiting human nature, the success of these attacks proves the tactics are winning.

What to expect when you’re expecting a cybersecurity audit for compliance A cybersecurity audit is a structured evaluation or assessment conducted to determine an organization's level of compliance with relevant cybersecurity regulations, industry standards and internal policies. Read on to learn what an audit is looking for, the challenges of an audit, how to prepare for one, and the tools that can help your organization get ready.

Consider the following scenario: you are asked by your leadership to find dedicated time for threat hunting activities within your network. After some time, access to the shiny new tool of choice is granted and you are super excited to get started. You log into the tool and are greeted with a lovely search bar; how do you proceed from here? The tool presenting the blank search bar is undoubtedly powerful and feature packed.

So, you want to be a cybersecurity analyst. You’ll be pleased to know it’s a profession with a strong job outlook, thanks to the increasing importance of cybersecurity. With the rise in high-profile data breaches, privacy concerns and rapid technological advancements, there is a greater demand for cybersecurity analysts now than ever.

The U.S. Securities and Exchange Commission (SEC) announced new regulations for public companies requiring them to disclose a “material cybersecurity incident” via formal report due four business days after a company determines that a cybersecurity incident is material. This is creating a lot of buzz, with companies worried if they will be prepared.

Within the security community of late, the focus has been on “shifting left”, and while that has merit, it is somewhat myopic missing some of the realities of defense in practice. Instead, I propose a simple framework to help guide initiatives that will “level up” defenses and greatly improve security postures wholistically. Some license is taken in terminology in order to keep things simple, memorable, and applicable.

For those responsible directly or indirectly for the cyber defense of their organizations, June 2023 is proving to be an extremely challenging month. In this month alone, vulnerabilities were discovered in various appliances, ranging from CVE-2023-27997 impacting FortiGate devices to CVE-2023-35708 impacting MOVEit Transfer software as well as the exploitation activity discovered of Barracuda appliances via CVE-2023-2868.