security operations
A checklist to help healthcare organizations respond to a serious cyberattack
How should organizations in the healthcare sector respond to outage due to a serious cyberattack? The Healthcare and Public Health Sector Coordinating Council’s (HSCC) …
Security teams need to become more proactive and risk-driven
83% of companies would suffer business damage during the first 24 hours of an outage and thereafter, which comes as no surprise with recent surges in ransomware and other …
Siloed security data hamper the ability to achieve collective defense
Cyware revealed a research detailing the challenges affecting modern security operations teams and the negative business impact of siloed security operations. According to the …
Combating vulnerability fatigue with automated security validation
Security operations teams have been dealing with “alert fatigue” for far too long. The introduction of log monitoring (e.g., SIEM), firewall, and AV technologies over two …
Automation is not here to close the cybersecurity skills shortage gap, but it can help
In this interview with Help Net Security, Daniel Clayton, VP Global Security Services and Support at Bitdefender, talks about the cybersecurity skills shortage gap and the …
Phishing attempts: Employees can be the first line of defense
33% of emails employees report as phishing attempts are either malicious or highly suspect, according to new research. The finding comes from an analysis of emails reported by …
How enterprises use security operations to modernize their business
CyberRes published a report which provides insights into how enterprises are utilizing security operations to modernize their business, secure the digital value chain and …
Fortinet plugs RCE hole in FortiManager and FortiAnalyzer (CVE-2021-32589)
A vulnerability (CVE-2021-32589) in FortiManager and FortiAnalyzer could be exploited by remote, non-authenticated attackers to execute unauthorized / malicious code as root, …
The impact of current and emerging threats on the day-to-day lives of SecOps teams
More than half of IT and cybersecurity professionals noted ransomware or zero-day attacks as the biggest threats to their organization, according to a Deep Instinct survey. …
New tool allows organizations to customize their ATT&CK database
MITRE Engenuity has released ATT&CK Workbench, an open source tool that allows organizations to customize their local instance of the MITRE ATT&CK database of cyber …
SOC burnout is real: 3 preventative steps every CISO must take
Consider this scenario: Morgan, a level 3 security analyst, arrives to a twelve-hour security operations center (SOC) shift and finds a message that a network sensor is …
Guidance to help cyber threat intelligence analysts apply MITRE ATT&CK
CISA has partnered with the Homeland Security Systems Engineering and Development Institute (HSSEDI), which worked with the MITRE ATT&CK team, to issue guidance to help …