Implementation of security automation can be overwhelming, and has remained a barrier to adoption
Removing the Barriers to Security Automation Implementation
Three Ways to Improve Defense Readiness Using MITRE D3FEND
Created and maintained by MITRE, MITRE D3FEND is a framework that provides a library of defensive cybersecurity countermeasures and technical components to help organizations improve their defensive cybersecurity posture.
Wipers Are Widening: Here’s Why That Matters
In the first half of this year, researchers saw a rising trend of wiper malware being deployed in parallel with the Russia-Ukraine war. However, those wipers haven’t stayed in one place – they’re emerging globally, which underscores the fact that cybercrime knows no borders.
Don’t Let Your Career Go the Way of Entertainment 720
In season four of the TV show “Parks and Recreation”, two of the characters founded a company named “Entertainment 720”. There was a lot of hype and buzz around this new company, though no one seemed to be able to understand exactly what the company did. Not surprisingly, after rapidly chewing through all of its funding, “Entertainment 720” shut its doors.
Digesting CISA’s Cross-Sector Cybersecurity Performance Goals
Last month, CISA released cross-sector cybersecurity performance goals (CPGs) in response to President Biden’s 2021 National Security Memorandum on improving cybersecurity for critical infrastructure control systems.
Risk Mitigation Strategies to Close the XIoT Security Gap
Understanding the vulnerability landscape of the XIoT to properly assess and mitigate risk is critically important to protect livelihoods and lives
Balancing Security Automation and the Human Element
There are two recurring themes in security that we continue to discuss, debate and, quite frankly, struggle with—automation and the talent gap.
Bringing Bots and Fraud to the Boardroom
Security and fraud leaders need to speak the language of the board to translate security and fraud risks into monetary risks to the business
Offense Gets the Glory, but Defense Wins the Game
When it comes to cybercriminals, defense evasion remains the top tactic globally. In fact, it was the most employed tactic by malware developers in the past six months – and they’re often using system binary proxy execution to do so. Hiding malicious intentions is one of the most important actions for adversaries. Therefore, they are attempting to evade defenses by masking malicious intention and attempting to hide commands using a legitimate certificate.
Tailoring Security Training to Specific Kinds of Threats
Faced with the daily barrage of reports on new security threats, it is important to keep in mind that while some are potentially disastrous, many are harmless or irrelevant to individual organizations.