There’s no doubt that bank data breaches cost businesses money, but there are costs associated with breaches that add up beyond a round dollar figure. Most studies that calculate the costs from breaches focus on short-term quantifiable costs such as discovering and mitigating the breach and recovering assets. But the long-term, indirect breach costs — costs such as hits to… Read More
Tag: cyber security
Top 3 Tips For Building an Effective Cyber Training Program
Identifying and matching organizational roles with the correct cyber security training content is critical, but it is also important to manage programs at every step to get maximum value from them. Program management means ensuring your training objectives match organizational roles, and following up training with practice runs and refreshers to keep specific skill sets… Read More
Identifying Local Admin Misconfigurations for Domain Privilege Escalation
In our previous blog, we discussed how insufficient network segmentation can be exploited by attackers and pen testers. This week, we discuss a finding that we frequently abuse during the privilege escalation phase of our penetration testing assessments, particularly for those involving public sector clients. This phase occurs after our operators have gained a foothold and… Read More
5 External Cyber Penetration Testing Lessons Learned From 2016 Security Assessments
Every year, Delta Risk conducts hundreds of cyber security assessments, including penetration testing, for a wide range of commercial and public sector clients. Many of these organizations share similar weaknesses in their people, processes, and technology. But each assessment also presents new technical challenges for us to solve. In this five-part blog series, we’ll discuss our findings… Read More
Take the Cyber Security Survey 2017 [And Get the Free Report]
Delta Risk has partnered with the Information Security Community on LinkedIn to examine the latest cyber security trends, investment priorities, challenges, and solutions regarding security-centric topics such as cloud security, mobile security, threat management, application security, managed security, and more. Let your voice be heard, and take the cyber security survey today! Everyone who completes this comprehensive survey will receive a… Read More
[White Paper] Cyber Threat Hunting: How to Find Attackers Others Missed
As 2016 draws to a close, we predict that the term hunt will continue to be a talking point throughout the cyber security community in 2017. As we pointed out in a previous blog, Threat Hunting: More Than a Marketing Buzzword, cyber threat hunting involves any concentrated effort to discover attackers inside your network that everyone else may have missed… Read More