Experts-Response

An Innovative Approach to Addressing the U.S. Cybersecurity Crisis

Criminal hackers are using sophisticated methods and tools found on the dark web that allow them to keep ahead of the efforts to combat them. That, in conjunction with the massive worldwide cybersecurity skills shortage, means that fighting cybercrime is more and more difficult. Aidan McCauley, VP of Technology Investments at IDA Ireland, says that rather than separate nation- or company-led efforts, there's another approach that might deliver better results.

What SOCs Can Learn from the Industrial Revolution

With hundreds, if not thousands, of security alerts per day pouring into Security Operations Centers (SOCs), security professionals are fighting a losing battle. Fortunately, tried-and-true manufacturing techniques can turn the tide. Heather Hixon of DFLabs outlines two techniques that can help even the playing field between SOCs and their adversaries.

Predictions: The Next-Gen SIEM Will Be Very Different

In 2019, security teams will start using more technologies to achieve detection and response rather than relying on a standard SIEM alone. But deploying more and more technologies is not enough. Itay Yanovski, SVP Strategy at CyberInt, explains why organizations need to look at Security Operations Centers (SOCs) in a different way.

A Widespread Need To Modernize Security Operations

There is a widespread need for organizations to modernize their security operations. Why? It creates the structure to eliminate distractions caused by chasing compliance mandates and the latest “shiny technology objects” and allows security organizations to reduce enterprise risk. Mark Maxey of Optiv outlines how to get started on modernizing operations.

Developing a Framework and Methodology for Assessing Cyber Risk

ITSPmagazine co-founder Sean Martin interviews Howard Miller, co-author of “Developing a Framework and Methodology for Assessing Cyber Risk for Business Leaders” (Journal of Applied Business and Economics, volume 20 (3), 2018), about the background and vision of this research article, how it applies to companies, boards and CEOs, risk management systems, and the ongoing development with Pepperdine CyRP.

Cyber Hygiene and Digital Resilience to Withstand a Cyber Attack

In the past, nation states such as North Korea and China had a very limited ability to respond to the U.S.’ military attacks or sanctions. But in today’s digital world, these countries use cyber-attacks to deter a sanction or get retribution. Wayne Lloyd, Federal CTO of RedSeal, provides a list of actions organizations can take to ensure good cyber hygiene and digital resilience to withstand a cyber event and/or recover quickly.

Can SMBs Do Something to Prevent Ransomware? (Yes!) - Part 2

Last year Locky, NotPetya and WannaCry ransomware savaged Internet users, with billions of dollars lost, data destroyed, worldwide shipping disrupted, and reputations damaged. Even though they are the most hacked businesses on the Internet, many SMBs do not have proper cybersecurity protections in place. In part 2 of this two-part series, Dave Moore, founder of Internet Safety Group, walks the reader through a well-crafted response plan and reviews of the top backup programs.

Can SMBs Do Something to Prevent Ransomware? (Yes!) - Part 1

Last year Locky, NotPetya and WannaCry ransomware savaged Internet users, with billions of dollars lost, data destroyed, worldwide shipping disrupted, and reputations damaged. Even though they are the most hacked businesses on the Internet, many SMBs do not have proper cybersecurity protections in place. In part 1 of this two-part series, Dave Moore, founder of Internet Safety Group, explains why and how SMBs need to make Internet safety training a top priority.

6 Reasons Why SIEMs Aren’t a Security Analytics Tool

Given all the vendor- and analyst-speak in the security space, it’s become difficult for organizations to know the difference between Security Information and Event Management (SIEM) and security analytics. Here are 6 ways to tell a SIEM from a security analytics product.

Let’s Pretend You've Been Breached. Now What?

Every business falls victim to cyberattacks sooner or later. Are you prepared for when the inevitable breach happens? If not, your business and your career could be in jeopardy. This article highlights nine key criteria that should be part of every cyber-breach preparation plan.

The 5 Components Of A Successful Incident Response Program

The most successful incident response programs excel in five areas: visibility, incident management, workflows, threat intelligence, and collaboration/information-sharing. DFLabs Senior Product Manager John Moran explains what’s required to achieve excellence in each of these components from a systems level perspective.

It Is Time To Upgrade The Cybersecurity Tools Businesses Use

How can companies be better at training employees to prevent phishing and improve security? Inky founder Dave Baggett provides a quick history of antivirus software, how antivirus worked then and now, and the flaws in security software.

What Is A Next-Generation Firewall And Why Do We Need It?

The most effective first level of physical defense in your network architecture’s security infrastructure is the firewall. Yoram Ehrlich, VP Products at Niagara Networks, explains how there is now a clear shift toward next-generation firewall (NGFW) technology incorporating advanced know-how.

Become a Strategic Cybersecurity Asset

How can cybersecurity managers effectively identify strategic gaps when 90% of managers have never had strategic management training? Organizations that equip their cyber leaders with the knowledge to think and act strategically improve their chances for long-term success.

Wouldn’t You Like To Know How To Prevent Security Alert Fatigue?

Organizations of all sizes are vulnerable to cybersecurity threats, and they need to be able to detect indicators of compromise in order to address risks and respond to attacks. Integrating SIEM and SOAR combines the power of each to create a more robust, efficient and responsive security program – which ultimately allows security teams to avoid alert fatigue.

The Truth Is That Threat Hunting Is More Art Than Science

Threat detection relies on signatures or the correlation of system events to identify indicators of compromise (IOCs). As such, it is primarily reactive and used to verify if a breach has occurred, and to assess the scope and spread of a threat. This article explains how proactive threat hunting can address this inherent weakness in threat detection by assuming a threat or threat actor has not been detected, yet may have targeted an organization.

Spotting Attackers Early Means Being More Protected

KRACK, as acronyms go, seemed an appropriate handle for last month’s WiFi security disclosure. After a quarter stuffed with bad security news, a new flaw in one of our most beloved technologies might have a few security pros on the verge of cracking. The showiest security disasters make news, but breaches happen every day to organizations of every type around the world. The attacker perpetrating the next big cybersecurity incident is probably already behind someone’s firewall. And while you should definitely patch your vulnerabilities and maybe even turn off your WiFi (ok, just kidding, no one’s going to turn off the WiFi), that’s not going to be enough. We need to change how we think about cybersecurity.

Ransomware Always Tips Its Hand

Ransomware creates turmoil every day – for individuals and for enterprises. But there is encouraging news. Ransomware, by its very nature, tips its hand with characteristics that make it predictable and recognizable. These distinct features enable advanced security tools to detect and defeat ransomware before files are frozen and ransoms demanded.

Shifting The Cybersecurity Model: From Cops to Spies

Jamison Utter looks to shift the cybersecurity model from one of being a cop to one of being a spy. Will this help companies be more successful in mitigating their cyber risk?