Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest Videos

What Are Attack Surfaces and How to Protect Them

Attack surfaces are the different endpoints, subsidiaries, business units, and devices that a hacker could go after. For example: We have a client who had a Japanese subsidiary that spun up a server for QA testing. They used it for a couple of years and then forgot about it and stopped maintaining it. But the server was still there. And the attackers found it and tried to use it to break into the client’s infrastructure.

This Is the Reason Behind 70% Of Data Breaches

70% of the data breaches involve the negligence of a 3rd party. Let’s understand this with Target’s classic example. In 2013, they were using a contractor, Fazio, to do maintenance of their air conditioning systems. The hackers got into the Fazio systems and used it as a jumping pod to infiltrate and hack into Target’s infrastructure. Big companies like Audi and Volkswagen have also suffered such cyberattacks due to 3rd party negligence.

Gain a full view of your vendor ecosystem with Automatic Vendor Detection

SecurityScorecard is the global leader in cybersecurity ratings, empowering you with trusted data and the confidence to make smarter and faster decisions. Security ratings give you an outside-in view of the cybersecurity posture of any organization in the world across ten key risk factor groups. Our Automatic Vendor Detection (AVD) instantly gives you a view of your entire third and fourth-party ecosystem, enabling you to visualize and take proactive steps to mitigate risk.

Robustness vs Resilience in Cybersecurity

Our cybersecurity architectures need to be resilient, not robust. Let’s understand with an example: Egyptian pyramids are robust. They have stood the test of time for 1000s of years. But they're not resilient. If you blow one up with dynamite, it will explode. On the other hand, a coral reef is resilient. If you break off a part of it, it regenerates itself. Similarly, in cybersecurity, we need to have the mindset of resilience, recovery, and recuperation.

Common Mistakes Chief Security Officers Make

Here are 3 common mistakes chief security officers (CSO) make: Not prioritizing risks: Certain things might feel risky, but they’re not, while certain other things might feel safe, but they’re risky. Example: A turbulent flight feels dangerous but is often not, whereas passive smoking might feel safe but is highly risky. A good CSO can differentiate between what “feels” risky and actual risk. This allows them to prioritize and mitigate risks effectively. Not alternating between business and technical hats.

The Best Way to Prevent Getting Hacked

Here are simple cyber hygiene practices to get ahead of 95% of companies: Hackers today have tools that can find 1000s of easy targets that have bad cyber hygiene with a single click. Here’s an analogy: Imagine you’re a burglar walking in a neighborhood, thinking which house to break-in. While all the houses look perfect, there is one that looks abandoned with broken doors, an unkempt lawn, and graffiti on the wall.

What Is Cyber Hygiene?

The hackers succeed because they know your attack surface better than you do. - Rob Joyce. For example, a lot of times, companies spin up a QA server and then forget about it, which then becomes an easy target for hackers to break into the company. Companies need to maintain a good cyber hygiene by taking care of the basics. An example of a bad cyber hygiene is a website that shows Copyright 2010 in 2022.