How to calculate ROI and justify your cybersecurity budget

How to calculate ROI and justify your cybersecurity budget

If you speak with management about money – speak their language and you will definitely get what you need.

12/01/15

Five reasons why hackers easily get in

Five reasons why hackers easily get in

Vulnerable web application is a great gift for hackers, as it significantly reduces their time, cost and efforts to get into corporate network. Why companies fail to secure their web apps?

11/24/15

Spending millions on APT defense? Don’t forget about Third Party Risk Management

Spending millions on APT defense? Don’t forget about Third Party Risk Management

Being a large company, you have a risk when hiring a third-party consultant - you condemn them to be hacked instead of you.

10/26/15

DDoS attacks: a perfect smoke screen for APTs and silent data breaches

DDoS attacks: a perfect smoke screen for APTs and silent data breaches

Growing DDoS attacks more and more frequently try to distract incident response teams in order to hide much bigger security incidents.

09/28/15

How to secure the Internet of Things and who should be liable for it?

How to secure the Internet of Things and who should be liable for it?

How to secure connected devices before it will be too late?

09/14/15

CTF players versus professional penetration testers

CTF players versus professional penetration testers

I decided to write this post after several friends of mine, CISOs within different organizations, asked me if Capture the Flag (CTF) experience makes any difference when evaluating incoming CVs for internal IT security auditor or...

09/02/15

The Oracle blog mess is missing a global business perspective

The Oracle blog mess is missing a global business perspective

Lot of interesting opinions were expressed about recent Oracle's CSO blog post, however not many of them covered the business background of the story. Let's try to fix it.

08/17/15

Continuous monitoring and web security: Are you competitive with Black Hats?

Continuous monitoring and web security: Are you competitive with Black Hats?

Nowadays security companies have to compete not only with other vendors, but also with sophisticated cyber gangs. If you will fail to detect and patch security vulnerabilities in a timely manner – Black Hats will do it for you, but...

08/03/15

Modern APTs start at your corporate website

Modern APTs start at your corporate website

Have you ever though which role your corporate web applications may play in an APT attack against your company?

07/21/15

Cybersecurity and geopolitics are intertwined

Cybersecurity and geopolitics are intertwined

Have you ever thought how the global economy and geopolitics influence cybersecurity and cybercrime? Some people may think that these are two completely different domains, however they are strongly and permanently related.

07/14/15

Think your website isn’t worth anything to hackers? Think again

Think your website isn’t worth anything to hackers? Think again

Many people think that if their website is not an e-banking application or e-commerce platform, hackers have nothing to steal. They think that a hacked website can be quickly and easily repaired, and nobody will ever remember the...

07/08/15

Load More