Energy & Utility August 16, 2022

X-Force 2022 Insights: An Expanding OT Threat Landscape

9 min read - This post was written with contributions from Dave McMillen. So far 2022 has seen international cyber security agencies issuing multiple alerts about malicious Russian cyber operations and potential attacks on critical infrastructure, the discovery of two new OT-specific pieces of…

Endpoint August 10, 2022

How to Compromise a Modern-Day Network

8 min read - An insidious issue has been slowly growing under the noses of IT admins and security professionals for the past twenty years. As companies evolved to meet the technological demands of the early 2000s, they became increasingly dependent on vulnerable technology…

Data Protection July 14, 2022

6 Ways SASE Helps Protect Your Data

4 min read - You start to log in to work from the home office you’ve occupied for the last two years only to sit and wait patiently as your virtual private network (VPN) dials up. After a few minutes, it validates your credentials.…

Intelligence & Analytics May 26, 2022

Black Basta Besting Your Network?

7 min read - This post was written with contributions from Chris Caridi and Kat Weinberger. IBM Security X-Force has been tracking the activity of Black Basta, a new ransomware group that first appeared in April 2022. To date, this group has claimed attribution…

Intelligence & Analytics December 16, 2021

Zero Trust and DNS Security: Better Together

4 min read - How many times have you heard the popular information security joke: “It’s always DNS”? It means that every time there’s a problem you can’t figure out, you will dig until you reach the conclusion that it’s always DNS. But DNS…

Software Vulnerabilities December 12, 2021

How Log4j Vulnerability Could Impact You

4 min read - Get the latest on the vulnerability dubbed "Log4Shell," a remote code execution vulnerability.

CISO December 7, 2021

Understanding the Cyber Risk Exposures Within the Health Care Industry

4 min read - The health care industry is one of the most popular and lucrative targets for cyberattacks and malicious activity. Health care organizations always present as an attractive proposition to hackers as they possess high volumes of sensitive information about patients and…

Application Security November 3, 2021

An Attack Against Time

3 min read - When Liza Minnelli sang that famous tune, “Money makes the world go around,” she should have added one more word: time. Time makes the world go around. It’s that one agreed-upon part of life that the world shares. From laptops…

Cloud Security September 8, 2021

Building Blocks: How to Create a Privileged Access Management (PAM) Strategy

4 min read - Privileged access management (PAM) has long been central to a good enterprise cybersecurity strategy. However, its nature is changing. The pace of digital change is speeding up and reliance on the cloud increasing. So, businesses and agencies must develop new…

Cloud Security August 27, 2021

Why Privileged Access Management Is So Hard in the Cloud

4 min read - Privileged access management (PAM) is in a bizarre place right now. On the one hand, organizations mostly understand the value of PAM. In a July 2019 study cited by Forbes, for instance, just 1% of respondents said that they don’t…