Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

2021 broke new ground in terms of cybersecurity, and much was ground just as well left unbroken. With no indication that ransomware, data breaches, and assorted malware will go away soon, the new year is a time for organizations to get a fresh start and really fortify themselves against a widening field of threats. One month in, we've already seen a disturbing array of attacks, from those on political targets to distressing new malware to a breach of exceptional sensitive information.

2021 was another record-breaking year for cyber attacks, with reports of massive breaches and huge ransomware demands dominating headlines. It’s a trend that does not seem to be slowing any time soon, either. Currently, there are thousands of vendors in the market, with over $130 billion spent annually on defense and yet, the number of breaches continues to rise. Arctic Wolf's 2021 Data Breaches in Review counts down the most noteworthy, high-profile, and damaging data cybercrimes of the year.

When our customers begin their security journey with Arctic Wolf, our Concierge Delivery Model benchmarks their security programs against the NIST Cybersecurity Framework. The NIST framework spans five functions (Identify, Protect, Detect, Respond, Recover), and offers guidelines and best practices for organizations to better manage, reduce, and ultimately end cyber risk.

The security operations center (SOC) has been on the front line facing the pandemic-induced escalation of cybersecurity threats in the past eighteen months. A 2020 study by Forrester found that the average security operations team receives more than 11,000 alerts per day and that figure is likely to have grown in the intervening period. While they were deeply engaged responding to the crisis, SOC teams were simultaneously facing the disruption common to all formerly office-based workers.

We’ve said it before, and we’ll say it again: Security Orchestration, Automation and Response (SOAR) platforms are great tools for helping teams work smarter, faster, and more efficiently against security risks. But, used on their own, SOARs are far from perfect for meeting the full security needs of the modern organization.

SOC Analysts manage and monitor a range of detection technologies to identify, investigate and respond to threats, 24/7/365. But what does the role of a SOC Analyst actually involve day-to-day, what are the rewards and challenges of the job, and how do people get into it as a career? To find out more, we spoke with SOC Shift Lead, Anthony Howell.

Strong, resilient security operations require the proper melding of people, technology, and processes to achieve the goal of reducing the likelihood and impact of cyberthreats. The right security operations center (SOC) will strengthen the overall security resiliency of an organization. The wrong one will tax your team—leading to mistakes, breaches, and losses.

This is a follow-up to our previous blogposts covering the Log4j vulnerability and the Deep Scan tool we made available to help identify vulnerable systems. As we close the first month of 2022, we looked into the activity related to the Log4Shell vulnerability CVE-2021-44228 observed across our 2,3000+ customers. Many of you will empathize with the struggle to find all instances of the vulnerable Log4j component, especially at the scale that comes with having a large customer base.

The discipline of threat intelligence began to be incorporated in cyber defense processes within private sector companies nearly a decade ago. Over the past few years, more and more organizations began to establish their own threat intelligence operations, building Security Operations Centers (SOCs), incident response (IR) capabilities and threat intelligence teams.