threats

Skills Shortage: The Intelligent Application of Force Multipliers

Many organizations struggle to staff and maintain security operation teams due to a serious shortage of skilled security analysts. The struggle isn’t just about filling open roles; it is equally hard to drive the needed productivity of the resources already in house to make sure the alert that matters doesn’t go unnoticed. Both new and…

Hypothesis in Threat Hunting

Today’s threat landscape requires organizations to operate more proactively to keep up with advanced and persistent threats. There is no doubt that the practice of threat hunting has emerged as a key capability to detect stealthy threat actors trying to gain access to the organizational IT infrastructure by evading traditional security measures. Hunting aims to…

Chasing the Rabbit: Cybersecurity Through the Camera Lens

Azeem Aleem and Dave Gray Nothing will work if you are not serious about it – Sam Abell This blog is intended to take a different perspective (pun intended) of how we view our security platforms and how to go about rationalizing our Business-Driven Security™ decisions about cyber threats and mitigation strategies. It all comes…

What’s Really at Risk With Reputation Risk

When boards express anxiety about cybersecurity risk, one of the foremost fears they face is reputation risk. Why is that? Because cybersecurity failures do cause reputation damage, and reputation risk is scary. A security failure can immediately bring unwelcome headlines, hits to the share price and probing questions from business partners Security failures can also…

The Forum at RSA Conference

This year’s RSA Conference continues the long string of high powered speakers from both the private and the public sector. While there are great keynotes and more than 500 track sessions, we discovered we needed more! Five years ago, many senior government officials were looking for a platform from which they could communicate what they…

Are Software Supply Chain Attacks the New Norm?

How many of us stop to think about updating software we use every day? Do you think “maybe I should check for threats on this before I install it?” Or do you wait for it to automatically update? For many of us, we don’t consider the security of the everyday software we use. This is…

The Case of Threat Intelligence in ETDR

It seems like every day we’re hearing about a new major security breach that’s affecting thousands, if not millions. Cybercriminals have many motives, and no organization should consider itself invulnerable. These attackers are advanced and have been able to penetrate deep layers of defenses. Years ago, organizations thought that technologies like Antivirus(AV), firewalls, Host Intrusion…

The Threat of the Threat Itself

Some colleagues and I were discussing DDoS attacks earlier this week: who is waging DDoS attacks, what techniques they’re using and how to deal with attacks when they occur.  While discussing the value of advance warning of such attacks, one person said offhandedly, “the problem with advance warning is that the threat may be just…