Blog

The Business Value of RSA Archer

Implementing an effective governance, risk, and compliance program can be a costly and time-consuming effort: Hardware, software, and the active engagement of a lot of people in the first, second and third lines of defense.  Before implementing a program, and periodically throughout the life of the program, the question always arises from senior management: Is…

What Your Business Can Learn from WannaCry

The biggest cyber attack began last week, spreading to more than 150 countries and infecting 200,000 machines. The outbreak is a ransomware threat, WanaCrypt0r 2.0 also known as WannaCry, with worm-like capabilities leveraging an exploit against vulnerable Microsoft Windows® operating systems. Ransomware mimics the age-old crime of kidnapping: someone takes something you value, and in…

Failure to Communicate: Why SOCs Fail!

I’ve had the privilege of working in a few different SOCs at various maturity levels ranging from the stony shores of regulatory compliance – “Yes, we have a security solution”, to the deep shark-infested waters of a global enterprise under frequent attack by nation state-sponsored attack groups. Throughout all of these different engagements, I’ve worked…

Six Keys to Successful Identity Assurance – Flexible Authentication

So far, we’ve discussed the first five keys to a successful identity assurance: business context, anomaly detection, machine learning, broader ecosystem, and consistent experience. Let’s close the series with an important topic for both end users and administrators: flexible authentication. Administration Flexibility When we think of providing flexibility for administrators, we focus on the authentication…

The Next Generation in Consumer Authentication and Fraud Prevention

Fraud risk management has become a burden in recent years, and not just because the attackers have gotten better at their game. The tools and technologies used to detect and mitigate fraud events are better, but they are also plentiful. A recent RSA survey found that 57% of organizations use between 4 – 10 different tools…

How Ransomware uses TMP files and the Temp folder

In my previous blog, Why Malware Installers Use TMP files and the Temp folder, I discussed the advantages malware can have by using atomic writes instead of simply copying the malware to the intended location. In this blog, I discuss how ransomware uses the same technique for its purpose and how it is different from…