One thing I have noticed is that each industry comes up with their own terms and acronyms. Unfortunately, these inventions often vary depending on the person you speak to due to a lack of a governing body that decides on an exact definition. At times, acronyms can even overlap, causing further confusion. Therefore, when it comes to definitions, I always look to ask a variety of persons from across industries on how they would define certain terms.

Over 10 million people who have stayed at MGM Resorts hotels – including Twitter boss Jack Dorsey and pop idol Justin Bieber – have had their personal details posted online by hackers. The security breach, publicised by ZDNet and security researcher Under the Breach, saw the records of 10,683,188 former guests – including names, postal addresses, phone numbers, dates of birth, and email addresses – made available in an online data dump.

In part one of this cyber resilience blog series, we discussed what it means to be a resilient organization. For part two, let’s discuss why organizations need to consider these challenges and who’s responsible for addressing them. Whilst asking why an organization may need to be resilient sounds a bit silly, I can say from experience that just because something seems obvious doesn’t mean it’s not quite a bit of work.

As hackers’ methods become more sophisticated, the scale of email security breaches and the frequency at which they occur grow greater with each passing year. In 2019 alone, an estimated 2 billion unique email addresses, accompanied by over 21 million unique passwords, were exposed within a single data breach.

For the majority of people in the information security world, the act of offensive hacking is something they are tasked with protecting against but have little ability to do themselves. That is like asking a professional boxer to enter the ring without knowing how to throw a punch. Sure, you may be able to get in and last a few rounds, but eventually, a formidable opponent will wear you down and knock you out.

Zero Trust is a security concept that is based on the notion that organizations should not take trust for granted, regardless of whether access attempts originate from inside or outside its perimeters. An enterprise needs to verify any attempt for connection to its systems before granting access. At the same time, the defensive layers that define the Zero Trust model should enable access for enterprise users no matter where they are and no matter what device they’re using.

Managing security incidents can be a stressful job. You are dealing with many questions all at once. What’s the scope? Who do I need to engage? How do I manage all of this? As an Incident Commander (IC), you have many responsibilities. You’re responsible for driving an incident to resolution as quickly as possible, creating the resources necessary to document, collaborate, and communicate while helping identify, engage, and orient the right people.

Historically, common detection methods have used file hashes (MD5, SHA1, and SHA256)—unique signatures based on the entire contents of the file—to identify malware. Modern threat actors have increased in sophistication to a point where every instance of a given malware will have a different hash, and that hash will vary from machine to machine.

As if Puerto Rico wasn’t having a hard enough time as it attempts to recover from a recession, the damage caused by devastating hurricanes in recent years, and a damaging earthquake last month, it now finds itself being exploited by cybercriminals. According to media reports, the government of the US island territory has lost more than US $2.6 million after falling for the type of email scam that has plagued companies and organisations around the world.

Post-exploitation can be one of the most time-consuming but worthwhile tasks that an offensive security professional engages in. Fundamentally, it is where you are able to demonstrate what an adversary may do if they compromise a business. A big component of this is trying to get as far as you can without alerting the defenders to what you’re doing.