InfoSec (4)
Managing Risk and Driving Growth: Why CISOs Need to be Closer to Their CEOs
During her inaugural speech as the new CEO of the UK’s National Cyber Security Centre (NCSC), Lindy Cameron argued that cybersecurity is still not as embedded as it should be into boardroom thinking.
5 minute read
Embracing Zero Trust, Little by Little
Zero trust is an important security architecture to protect your business from cyber threats. But how complex is it to implement it correctly? And what message does it send to employees when you say, “never trust, always verify”? Is there a better way?
8 minute read
What the Hafnium Attacks Tell Us About Today’s Ransomware Threat
At the start of March, Microsoft took the unusual step of releasing four “out-of-band” patches to its customers. The reason was simple: it had detected a nation state adversary exploiting the related vulnerabilities in attacks on Exchange email servers. However, this was just the beginning. In just a few days, multiple threat groups had joined in
5 minute read
Learning from the Colonial Pipeline Hack: 4 Ways to Mitigate the Risk of a Ransomware Attack
On May 7, Colonial Pipeline discovered they were hit with a ransomware attack. Three days later, the FBI confirmed that a ransomware group known as DarkSide was responsible for the attack, which caused the company to proactively shutdown 5,550 miles of pipe. This shutdown has inflicted panic on the east coast, causing a gasoline shortage in
4 minute read
Patching, and the Problem With Legacy Software
For much of 2021, the eyes of the cybersecurity community have been focused on SolarWinds and the astonishing state-backed campaign that is still unfolding in front of us. But arguably just as important is a campaign that targeted little-known US software company Accellion and its customers over December and January.
5 minute read
Why Nation State Attacks Are Now A Problem For Everyone
In cybersecurity circles, there are a couple of well-worn beliefs about nation state threats. One holds that they are only relevant to a relatively small number of critical infrastructure, defense, and government organizations. The other is that such attackers are so replete with the latest tools, techniques, and resources that it’s pointless for
5 minute read
CNI Under Attack: What Can We Learn From the Florida Water Hack?
A shadowy remote hacker using technical cunning to poison a US city sounds like the stuff of a Hollywood thriller. But in reality, security experts have been warning about such an attack for years. So when the worst case scenario nearly played out in Oldsmar, Florida earlier this month, the cybersecurity community was perhaps less surprised than
5 minute read
Three Billion Credentials Circulating Online: Is Your Business At Risk?
Online data dumps are nothing new. Sites selling consumers’ stolen personal and financial information and log-ins help generate more revenue for the cybercrime underground than the GDP of many countries. However, the recent appearance of three billion username and password pairs — known as a “combo list” — may have raised the eyebrows of even the
5 minute read
Different Types of Insider Threats and How to Prevent Them
It doesn't take an expert to understand that cybersecurity threats have increased substantially over the years. Whether its DDoS attacks, ransomware, malware, or otherwise – all pose a significant risk to companies both large and small. It’s evident that businesses need to step up in the war on cybercrime before disaster strikes.
3 minute read
How Cybersecurity has Changed in the Last Decade
The world was a different place in 2010: The global population had only just broached 7 billion (now up to 7.7), we still believed Lance Armstrong was clean, and Game of Thrones hadn’t even premiered on HBO. We looked at the world differently back then, because the lens of our lives were different. Now, ten years later, how have those lenses
4 minute read