Deceptions Everywhere ®

It's no secret that SOCs are overwhelmed. Many organizations are under constant attack, but SOC teams are so barraged by alerts that they can’t discern real from noise. If you missed our webinar with Forrester, Improving SOC Efficiency with Deception, watch it here. Learn how a deception technology approach can end the nonstop "hamster wheel" reaction cycle—and significantly boost both incident response (IR) capabilities and the overall productivity of security operations teams. Read More

The practice of digital forensics in cybersecurity focuses on recovering and investigating artifacts found on devices to determine the nature of an incident or cyberattack. Read More

Let’s tackle a familiar, yet daunting problem for vulnerability management (VM) teams: The patching “to-do” list in most organizations is so long that having some way to prioritize patching of networked endpoints, servers and other assets is essential for limiting exposure to cyberattacks. Read More

Moody's Cyber Risk Group: “Cyber becomes more and more important.” On November 12, Moody’s announced its intent to start incorporating in its credit rating method the degree to which an organization faces risk of major impact from a cyberattack. This follows the news, back in February 2018, that the Securities and Exchange Commission issued additional guidance on its requirement that public companies must “inform investors about material cybersecurity risks and incidents,” even if they have not yet been the target of a cyberattack.   Read More

More than $2.5 trillion in mergers were announced in the first half of 2018[1]—a new record. Ranked by value of the deal, energy and power deals led, followed by media and entertainment, with healthcare and industrials close behind. Industries are converging and organizations are using acquisitions, divestitures, and other forms of asset remix to reposition their businesses. For example, there are numerous mergers among pharmaceutical, life sciences, and biotech companies as they seek to gain traction in a highly fragmented market. EY predicts that the total value of life sciences M&A will surpass $200 billion in 2018. According to Deloitte, technology acquisition is the primary driver of M&A pursuits, ahead of expanding customer bases in existing markets, and adding products or services[3]. Read More

ATMs are literally boxes of cash—too good for criminals of any stripe to pass up. When ATMs first emerged, thieves used brute-force tools like crowbars, explosives, and propane torches to remove the ATM machine itself or get at the cash inside. As recently as April, three men were charged in Salt Lake City, UT, for trying to blow up ATMs and steal the cash.  Read More

On March 15, 2018, US CERT (U.S. Computer Emergency Readiness Team) issued a Technical Alert about “Russian government cyber actors” conducting a concerted cyberattack campaign against energy companies. Specifically, they gained access through small organizations connected to the target companies and then “conducted network reconnaissance, moved laterally, and collected information pertaining to Industrial Control Systems (ICS).” Read More

As 2017 comes to a close, the string of recent attacks on SWIFT and other financial messaging systems are emerging as one of the main threat trends. News has just surfaced of another such attack – this time impacting Globex Bank in Russia, which took place on December 15th. Attackers apparently attempted to steal almost $1M by manipulating international transfer requests through the systems within the bank that connect to the SWIFT messaging service.  Read More

Ransomware is the biggest topic in the cybersecurity community right now – but this certainly doesn’t mean it’s a new concept. Malware capable of encrypting files on infected machines has existed since 1989, but today’s cyber attacks are far more sophisticated. Read More