News February 15, 2023

Losing the ransomware war, and the plan to fight back

2 min read - In the war against ransomware, we appear to be losing. Leading up to the recently concluded Second International Counter Ransomware Initiative Summit, a Biden Administration Official said, “So, we’re seeing the pace and the sophistication of the ransomware attacks increasing…

Risk Management June 21, 2022

The C-Suite Is Optimistic About Ransomware. Are They Right?

4 min read - The majority of C-suite executives are confident in their organization’s protection against ransomware attacks. At least, that’s what a recent research report from ISC2 shows. In fact, just 15% express a lack of confidence. Does this confidence take into account…

Network June 21, 2021

The OSI Model and You Part 5: Stopping Threats at the OSI Session Layer

2 min read - In our journey through the Open Systems Interconnection (OSI) seven layers of networking, the OSI session layer is a gatekeeper that manages the connection between applications. In other words, we are past just connecting devices. Now, we need to do…

Intelligence & Analytics April 20, 2021

‘Inbox Zero’ Your Threat Reports: How to Combat Security Alert Fatigue

3 min read - At best, a new cybersecurity alert should trigger immediate action. But we all know in practice that work is not always clear cut. A new alert can find itself as just the latest un-addressed number in the inbox. In an…

Intelligence & Analytics February 8, 2021

Cybersecurity Insurance Pros and Cons: Is it the Best Policy?

3 min read - Cyberattacks can cause major loss of revenue for businesses and other groups of all sizes. As a result, cybersecurity insurance is being discussed more and more. The prospect of getting money back after an attack becomes increasingly appealing. But, is…

Risk Management February 3, 2021

A look at HTTP parameter pollution and how to prevent it

8 min read - With HTTP Parameter Pollution (HPP) attacks, threat actors can hide scripts and processes in URLs. First discovered in 1999, this technique can also allow threat actors to pollute the parameters in the URL and the request body. This could lead…

Threat Hunting August 5, 2020

Threat Hunting Techniques: A Quick Guide

3 min read - Threat hunting is an essential part of security operations center services and should be incorporated at an early stage. Threat hunting is the art of finding the unknowns in the environment, going beyond traditional detection technologies, such as security information…

Advanced Threats July 20, 2020

Why Cyber Ranges Are Effective To Train Your Teams

5 min read - Cyber ranges may be one of the most effective ways to train IT professionals in defending against cyber attacks. The virtual environments deliver simulated real-world attacks that test multiple dimensions and stakeholders within diverse environments. Cybersecurity teams can use cyber…

Network July 15, 2020

Focusing on the Fundamentals of Network Security

2 min read - IBM X-Force has reported a huge increase in COVID-19-related spam. Malicious domains have also rapidly expanded during the first quarter of 2020.  Focus on Security Fundamentals One of the key fundamental approaches for security is to ensure your security team can…

Cloud Security July 8, 2020

Future-Proofing Data With a Data Encryption Plan

4 min read - Data volume storage needs are growing exponentially across hybrid multicloud environments. Meanwhile, companies are being faced with a greater number of regulations to follow, as well as increased exposure to data ransomware, theft and misuse. Many regulations, such as the General Data…