Pulling the plug on the Internet is often jokingly referred to as the best solution for network security. All kidding aside, anything you can do to make it harder for the bad guys to gain access to your network can have a positive impact on your overall security posture. That begs the question: with so many… Read More
Penetration testing and other technical assessments are designed to be practical, useful exercises to examine your security defenses and look for holes in your network or applications. There’s real value in performing these assessments to see how threat actors might be able to get into your organization and take proactive steps to address any problems. However, if the… Read More
Any time I’m asked to speak about my experience in the cyber security field, whether I’m at a trade show or speaking to candidates interested in breaking into the industry, I invariably get the question about what it takes to be a pen tester. In this blog, I’ll touch on some of the most important qualities… Read More
Yesterday, I attended our webinar, “How to Unlock the Full Potential of Insider Threat Tools,” and it got me thinking about the relationship between technology and past successes of insider threats. Rich Burke, Vice President of Public Sector, made a critical point during the webinar that failure to detect insiders isn’t exclusively a technology issue. There are plenty… Read More
While insider threat attacks continue to make waves in the news, the origins of insider threats go back decades and even centuries. Insiders have emerged in religious texts, insiders have brought down empires, and insiders have stolen money and information from various organizations. There are few industries or organizations that have escaped the threat from their own people… Read More
There’s no shortage of analysis on the Petya ransomware strain that struck organizations across the globe in the past month. You can find blog posts and articles covering practically every angle – from the machine language nuances of the code, to the length of the encryption key, to the possible nationality of the code writer…. Read More