Threat Detection and Response, Page 2

Mastering the implementation of a Threat Pattern

In previous posts we have discussed two of the most critical phases in the “The Lifecycle of a Threat Pattern”: analysis and design. In the analysis phase the objective is to fully understand the asset in scope by getting deeper into the context to formulate a set of residual risks to which the asset might be…

A New Cyber Mission Force

The context is something that could radically turn a bad event to something manageable or even interesting. If we consider how much the threat landscape changed, as did the context where security operates, we realize we are facing one of the most complex and articulated wars of the century – the Cyber War. As stated…

The Elephant in the Room for Endpoint Security

Stop me if you’ve heard this story before… Three blind men are traveling down the road to visit a friend.  On the way, they encounter an elephant.  Not being able to see it, they each stopped and felt the elephant to figure out what sort of creature it was.  The first one grabbed the trunk…

Engineering The Design Of A Threat Pattern

In our journey of developing and maintaining threat patterns, we have now arrived at a critical phase: the design. While the need of an implementation phase is immediate as well as the evaluation of the background analysis in order to build something meaningful (as explained by my colleague, Demetrio Milea) – the intermediate design phase is the…

Cloud Ready Threat Detection & Response

Organizations are leveraging third party cloud environments for increasingly critical data, applications, and infrastructure. The agility and potential cost savings that both public and private (virtual) clouds offer mean that the business can be more efficient and gain operational and financial advantages. While some organizations – dependent on vertical and “risk” appetite – may be…

Joining RSA’s Mission To Deliver Business-Driven Security – From RSA’s New President Rohit Ghai

I am delighted to be joining RSA at such an exciting and transformational time in the security industry. 2016 brought an unprecedented focus on the global cybersecurity situation. From the use of IoT vulnerabilities to halt the largest global websites, to politically motivated intrusions, to power grids being targeted – threats that were previously unimaginable…

Threat Detection: What Goes Into a Successful Strategy?

The cat’s officially out of the bag when it comes to threat detection: The majority of the industry simply isn’t satisfied with its current solutions. In fact, 76% of respondents in a recent RSA survey indicated that they were not confident in their ability to detect and investigate threats to their environment. Where did matters…

Forensics Meets Continuous Security Monitoring to Achieve Optimal Visibility

Digital forensics is estimated to be a $3.2 billion industry by 2020, according to research from RnR Market Research summarized by WhaTech. The industry has grown due to the virtually ubiquitous use of IT systems in personal, corporate, and governmental settings. The need for the IT department to “see” from the network command center out…

Four Characteristics of Top-Notch Threat Intelligence

Threat intelligence is a hot topic these days and was arguably one of the top themes of RSA Conference 2016. However, organizations need to realize that simply having more data about the latest threats, vulnerabilities, and exploits is not the answer to all their cybersecurity problems. On the contrary, threat intelligence is only helpful if…

The Criminal Appeal of Advanced Ransomware: How Can Companies Protect Their Files?

Advanced ransomware—malicious software designed to take control of a computer system and hold it hostage until the victims pay for its release—is one of the fastest-growing areas of cybercrime. Another closely related threat is cyberextortion, where attackers threaten to cause harm to a company by releasing sensitive information to the public or sustaining distributed denial-of-service…