Cybersecurity

Know Thy Enemy: Tools, Tactics, and Techniques of Cybercriminals

6 days ago

Many view the cybercriminal as an unknown.  This is due, in part, to the difficulty inherent in tracking down individual attackers.  However, we do not need to identify each individual cybercriminal to understand cybercriminals, and this understanding is invaluable.

Sun Tzu, the legendary Chinese tactician said, “If you know the enemy and know yourself, you need not fear the result of a hundred battles. If you know yourself but not the enemy, for every victory gained you will also suffer…

Full Details
10 Nov
2017
The lonely castle: Insights into the evolution of cybersecurity defense

This technological era is one that changes rapidly and so do defense strategies.  In the ancient world,…

Full Details
06 Nov
2017
GDPR and the Road to Increased Customer Loyalty and Trust

The General Data Protection Regulation (GDPR) is set to go into effect on May 25, 2018, and…

Full Details
03 Nov
2017
IoT Security is Living on the Edge

As the size of the Internet of Things (IoT) continues to grow, so too do the potential…

Full Details
02 Nov
2017
Protecting Critical Infrastructure from Cyber Threats

In recent years, there has been a fundamental change in both the scope and scale of cyber…

Full Details
17 Oct
2017
Reducing Wildfires with IoT, ML, and Drones

The wildfire that ripped through California in early October caused tremendous damage and the loss of over…

Full Details
27 Sep
2017
NIST SP800-171 and the upcoming DFARS deadline for DOD contractors

Defense Federal Acquisition Regulation Supplement (DFARS) clause 225.204-7012 was established in 2015 to protect Controlled Unclassified Information…

Full Details
14 Aug
2017
The 6 stages of an Advanced Ransomware Threat attack

Some ransomware are strategically designed to cause as much damage as possible while producing large profits…

Full Details
Linux Ransomware
10 Aug
2017
Ransomware threatens Linux servers, especially web servers

Linux is an open-source operating system that is very versatile due to the large group of volunteers…

Full Details
08 Aug
2017
The Journey to Cybersecurity Success: Interview with Xerox CISO, Alissa Johnson

Cybersecurity challenges companies, countries, and individuals to continually improve protections against an enemy that wants our secrets,…

Full Details

Tabletop simulation exercises speed up ransomware response

4 months ago

Most people will never have a fire in their home or office, but everyone can remember going through a fire drill at some point. The process of evacuating a building and meeting outside prepares us for the actual conditions we might face in a real fire.

Many companies go to great lengths to prepare for disasters like fires and floods, but most remain woefully unprepared to deal with ransomware—despite the fact that ransomware attacks are far more likely. One way…

Full Details
17 Mar
2017
Safeguarding against the insider threat

The insider is still one of the most vulnerable elements of cybersecurity and it was the discussion…

Full Details
18 Feb
2017
Key security strategies for data breach prevention

If we have learned anything over the last few years about data breaches, it is that they…

Full Details
07 Oct
2016
Ransomware Incident Response: 7 steps to success

Ransomware infections are becoming increasingly commonplace, and companies that put a plan together before an incident…

Full Details
21 Sep
2016
Crucial Elements of an Incident Response Plan

The news is crowded with reports from noteworthy companies of cyber-attacks.  Last year was the year of…

Full Details
07 Sep
2016
5 steps to a winning incident response team

People are the core of any incident response effort.  You must have the right people to…

Full Details
15 Jul
2015
A breach is found. Now whom do I tell?

In 2014, the Identity Theft Resource Center (ITRC) tracked 783 data breaches with 85,611,528 confirmed records exposed….

Full Details
22 Jun
2015
Point/counterpoint: Breach response and information sharing

Some breaches require notification such as those involving patient data or customer information, but sharing is optional….

Full Details
18 May
2015
Cybersecurity’s common cold

New and creative security threats may grab headlines, but smart security practitioners know that many attackers still…

Full Details

Ransomware

Phishing emails behind notorious ransomware scams revealed

1 month ago

Cybercriminals use phishing emails with malicious links or attachments to distribute ransomware more than any other method. Their goal is to fool unwitting victims into downloading the nasty, file-encrypting malware so they’ll be forced to pay a ransom in exchange for the decryption key.

CSO Magazine last year found that 93% of all phishing emails contain ransomware. To protect yourself and your business, it’s important to know what emails and tricks to avoid. Here’s a look at phishing emails that…

Full Details
29 Sep
2017
Ransomware developers learn from the mistakes of WannaCry and NotPetya

The WannaCry ransomware attack earlier this year infected more than 230,000 computers in 150 countries within…

Full Details
28 Aug
2017
The evolution of a cybercrime: A timeline of ransomware advances

Ransomware, the malicious code that holds data hostage, is now a more common threat to businesses than…

Full Details
24 Aug
2017
How to determine the true cost of a ransomware attack

The costs associated with a ransomware attack are often viewed from two dimensions: On one side,…

Full Details
14 Aug
2017
The 6 stages of an Advanced Ransomware Threat attack

Some ransomware are strategically designed to cause as much damage as possible while producing large profits…

Full Details
Linux Ransomware
10 Aug
2017
Ransomware threatens Linux servers, especially web servers

Linux is an open-source operating system that is very versatile due to the large group of volunteers…

Full Details
24 Jul
2017
Tabletop simulation exercises speed up ransomware response

Most people will never have a fire in their home or office, but everyone can remember going…

Full Details
26 Jun
2017
Karmen ransomware makes it easy to launch attacks

A new ransomware do-it-yourself kit called Karmen is making it easy for wannabe cybercriminals to launch…

Full Details
07 Jun
2017
Mac Users Face Increased Ransomware Threats

Apple Inc. has a reputation for building secure devices, but don’t become too complacent because ransomware…

Full Details
24 Apr
2017
Ransomware extortionists not as trustworthy as they’d have you believe

There are a variety of different ransomware variants that encrypt your data with no intention of…

Full Details

Governance

4 questions to ask before launching a data protection strategy

4 months ago

The process of making sure your business is prepared to protect its data from ransomware and other disasters depends largely on the characteristics of your specific computing environment, such as the type of data you have and how it is stored. To begin the process of implementing or optimizing a data protection plan, you need to gain a full understanding of how data is used within your organization and what needs to be protected the most. Start by asking yourself…

Full Details
19 Jun
2017
GDPR Compliance in the Cloud

With the upcoming onset of the GDPR, many companies are seeking to leverage their cloud services for…

Full Details
06 Apr
2017
03 Feb
2015
The case for consistency in security

Security spending could be compared to the stock market. It increases and decreases depending on intangibles such…

Full Details
14 Jan
2015
The 5 W’s of data identification and inventory

I always figured that you would need to know what you have in order to…

Full Details
02 Dec
2014
The five stages of cybersecurity maturity

As an organization becomes more conscious and engaged in protecting information, it progresses along a path of…

Full Details
02 May
2013
Third party information request policies

The Electronic Frontier Foundation issued a report on 18 web and technology companies that routinely handle data. …

Full Details

Technology

IoT Security is Living on the Edge

2 weeks ago

As the size of the Internet of Things (IoT) continues to grow, so too do the potential security risks for enterprise IoT as attackers target it.  Gartner estimates 8.4 billion IoT devices will be in service this year and that by 2020, we will have 26 billion IoT devices connected.  These devices generate an enormous amount of data that must be processed and secured.  Existing cloud systems are ill-equipped to handle such data due to the latency involved…

Full Details
12 Jul
2017
The Future Workplace of Augmented and Mixed Reality

Virtual reality has received a lot of attention lately, but there is much to be said for…

Full Details
07 Jun
2017
Mac Users Face Increased Ransomware Threats

Apple Inc. has a reputation for building secure devices, but don’t become too complacent because ransomware…

Full Details
19 May
2017
DevOps FastTrack – From How to Wow

Pavan Belagatti and Eric Vanderburg

Early DevOps adopters have proven DevOps to be more than just a…

Full Details
01 May
2017
Smart printers require smart security

For decades, the printer has been the intermediary between the digital and physical worlds.  Through it, our…

Full Details
15 Mar
2017
The Future of DevOps

I recently did an interview with JAX Magazine on DevOps and here is…

Full Details
05 Dec
2016
Protecting against APTs with Machine learning

Machine learning is a science that uses existing data on a subject to train a computer how…

Full Details
25 Nov
2016
Cloud 2.0 – Built on security refinements from cloud technologies

In the world of technology, paradigms shift quickly.  Not long ago, we focused organizational security efforts on…

Full Details
25 Jul
2016
Newest Ransomware has Polished, Professional Look

Criminals are raising the bar in the fight for your money.  It’s natural to expect that competition…

Full Details
19 Jul
2016
Geolocation technology helps ransomware deliver targeted message

It might surprise you to know that ransomware uses geolocation technology to customize payloads and target…

Full Details

Business

New version of Cerber ransomware hits businesses where it hurts

12 months ago

The latest version of Cerber ransomware is targeting database applications and putting business’s most valuable data at risk, according to recent reports.

Large database applications such as Oracle, Microsoft SQL Server, MySQL and others contain critical data for things like Enterprise Resource Planning (ERP), Customer Relationship Management (CRM) and Electronic Medical Record system. And the latest version is aiming to encrypt all of them in addition to documents, spreadsheets and multimedia files.

How Cerber ransomware works

Ransomware victims are not chosen…

Full Details
02 Sep
2016
The Economics of Extortion: Understanding the ransomware market

We all know money is the motivating force behind cybercrimes like the creation and distribution of Full Details

01 Jun
2016
Preparing Your Storage Environment for Tomorrow’s Opportunities

Businesses today can’t exist without data. They feed on it, breathe it, and those that understand how…

Full Details
10 May
2016
Preserving Value in Designing Lasting Storage Solutions

Storage solutions make or break the systems they support and yet these same systems are routinely seen…

Full Details
11 Jun
2015
Investigating the negative SEO threat

I was talking to Mark Schaefer and he said that SEO content today is about insight rather…

Full Details
11 May
2015
Not caring or not wanting to care

Last week I was walking down the street with a friend and a guy and a girl…

Full Details
03 Apr
2015
Is your culture interfering with data security?
With the ease and prevalence of global expansion, security leaders must understand how to implement…

Full Details
13 Mar
2015
Successful companies use security metrics

Successful security leaders demonstrate their effectiveness through metrics. Metrics are used more and more as security…

Full Details
03 Feb
2015
The case for consistency in security

Security spending could be compared to the stock market. It increases and decreases depending on intangibles such…

Full Details