The 3 hidden costs of incident response

The 3 hidden costs of incident response

Every business function seeks to apply finite resources to maximum benefit, and to do that effectively in security, like threats, requires a keen understanding of those costs that are known and those that are hiding.

05/10/18

The value of 20/20 hindsight in cybersecurity

The value of 20/20 hindsight in cybersecurity

Security will find indications of compromise revealed in public disclosures exponentially more valuable if they find a way to go back and compare historical data against the new intelligence.

04/09/18

Maslow’s hierarchy of needs for incident response

Maslow’s hierarchy of needs for incident response

The advent of laterally spreading malware requires the security community to progressively build out incident response to include more thorough scoping to determine the true extent of an event and threat hunting to find those threats...

03/07/18

Why it’s harder for threats to hide behavior on a corporate network

Why it’s harder for threats to hide behavior on a corporate network

If signatures in cybersecurity are like fingerprints in a criminal investigation, behavioral detection is like profiling – it’s harder to hide, but it’s not foolproof either.

02/05/18

Why a controversial cybersecurity prediction about IDS from 2003 is still relevant

Why a controversial cybersecurity prediction about IDS from 2003 is still relevant

The complicating factors that prompted a technology analyst to label the market as obsolete 14 years ago still persist today; it remains a rallying cry for greater security innovation.

01/02/18

The interdependency of people, policy and products amid a cybersecurity talent shortage

The interdependency of people, policy and products amid a cybersecurity talent shortage

As the shortage of skilled security staff widens, the effects on policy and products in overall security organization must be factored into the choice to pursue alternative sources of talent.

11/07/17

Change management: Equifax highlighted the vulnerability gap between disclosure and patch

Change management: Equifax highlighted the vulnerability gap between disclosure and patch

The Equifax breach highlighted a gap between the disclosure of a vulnerability and the implementation of a patch as a result of change management process. Adversaries seek out unpatched targets in this period of time which...

10/05/17

Why even smaller enterprises should consider nation-state quality cyber defenses

Why even smaller enterprises should consider nation-state quality cyber defenses

The modern threat landscape has evolved to the degree that even smaller enterprises may find themselves victim to a previously unthinkable attack.

09/11/17

Load More