There’s no doubt that bank data breaches cost businesses money, but there are costs associated with breaches that add up beyond a round dollar figure. Most studies that calculate the costs from breaches focus on short-term quantifiable costs such as discovering and mitigating the breach and recovering assets. But the long-term, indirect breach costs — costs such as hits to… Read More
Identifying and matching organizational roles with the correct cyber security training content is critical, but it is also important to manage programs at every step to get maximum value from them. Program management means ensuring your training objectives match organizational roles, and following up training with practice runs and refreshers to keep specific skill sets… Read More
In our previous blog, we discussed how insufficient network segmentation can be exploited by attackers and pen testers. This week, we discuss a finding that we frequently abuse during the privilege escalation phase of our penetration testing assessments, particularly for those involving public sector clients. This phase occurs after our operators have gained a foothold and… Read More
Every year, Delta Risk conducts hundreds of cyber security assessments, including penetration testing, for a wide range of commercial and public sector clients. Many of these organizations share similar weaknesses in their people, processes, and technology. But each assessment also presents new technical challenges for us to solve. In this five-part blog series, we’ll discuss our findings… Read More
Delta Risk has partnered with the Information Security Community on LinkedIn to examine the latest cyber security trends, investment priorities, challenges, and solutions regarding security-centric topics such as cloud security, mobile security, threat management, application security, managed security, and more. Let your voice be heard, and take the cyber security survey today! Everyone who completes this comprehensive survey will receive a… Read More
As 2016 draws to a close, we predict that the term hunt will continue to be a talking point throughout the cyber security community in 2017. As we pointed out in a previous blog, Threat Hunting: More Than a Marketing Buzzword, cyber threat hunting involves any concentrated effort to discover attackers inside your network that everyone else may have missed… Read More