Ransomware attribution: Missing the true perpetrator?
Headlines following recent ransomware attacks paint a landscape that acknowledges the true impact of such threats. Historical focus solely on attribution has made way for …
Security must become frictionless for companies to fully secure themselves
Ensuring adequate security in the face of a rapid increase in the quantity and sophistication of cyberattacks requires more effort and resources than most organizations are …
Thoughts on Biden’s cybersecurity Executive Order
Colonial Pipeline is a major American oil pipeline system that originates in Houston TX and supplies gasoline and jet-fuel to a significant portion of the US, specifically the …
Cybersecurity, emerging technology and systemic risk: What it means for the medical device industry?
In late 2020, the World Economic Forum stated that “the approach to cybersecurity needs to be overhauled before the industry finds itself in any fit state to tackle the …
18 is the new 20: CIS Controls v8 is here!
The moment we’ve all been waiting for is finally here. The Center for Internet Security (CIS) officially launched CIS Controls v8, which was enhanced to keep up with evolving …
Security doesn’t always require immediacy
New security threats emerge almost continuously, meaning we now deal with a known unknown. In the past year alone, malware and ransomware use has sharply increased, 43% of …
Enterprise leaders now see cybersecurity as a business advantage
Enterprise leaders who previously viewed cybersecurity as part of traditional infrastructure have shifted to rapidly invest in integrated, cloud-based approaches, with ripple …
What the pipeline attack means for critical infrastructures
The big news in critical infrastructure security is the ransomware-triggered shutdown of the Colonial gasoline pipeline – the largest such pipeline in the USA. The …
Security awareness training doesn’t solve human risk
Traditional employee risk mitigation efforts such as security awareness training and phishing simulations have a limited impact on improving employees’ real-world …
The best CISOs think like Batman, not Superman
Many CISOs see themselves as Superman — soaring overhead, cape fluttering, and ready to swoop in and save the day at a moment’s notice if a crisis arises. There have been …
How modern workflows can benefit from pentesting
Pentesting, also known as penetration testing, is a security assessment, an analysis, and progression of simulated attacks on an application (web, mobile, or API) or network …
Risk-based vulnerability management has produced demonstrable results
Several years ago, risk-based cybersecurity was a largely untested and hotly debated topic. But the tests have since been administered and the debate largely settled: …