What To Do When an Admin is Compromised
A common tactic used by hackers once they have landed within your environment, is to escalate their level of access by compromising a user with administrative privileges. In this post, we cover the issues with admin accounts being compromised, and the steps you can take if you believe one of ... Read More
How CMMC Measures Up to Other Compliance Frameworks
If you’re reading this post, chances are you have been through a regulatory compliance push before. And you’re probably hoping that (at least) some of your previous efforts will count towards newer frameworks, like the Cybersecurity Maturity Model Certification (CMMC).Well, we’re here to tell you where that might be the ... Read More
How CMMC Measures Up to Other Compliance Frameworks
If you’re reading this post, chances are you have been through a regulatory compliance push before. And you’re probably hoping that (at least) some of your previous efforts will count towards newer frameworks, like the Cybersecurity Maturity Model Certification (CMMC).Well, we’re here to tell you where that might be the ... Read More
Data Breach Notification Myths Busted
With the advent (and multiplication!) of privacy regulations around the world at both national and sub-national levels, it can be hard to know what your obligations and responsibilities are under these laws. These various frameworks are driven by governments, regulators, and other professional bodies and as a result there is ... Read More
How to Build Board-worthy Cybersecurity Business Cases
We have looked at Cybersecurity business cases in the past, relating the cost of a proposed solution to the potential cost of a breach. That framework hasn’t gone away - but, there are some other pieces to consider when crafting a cybersecurity business case to truly sway CIOs and board ... Read More
Does Your Incident Response Plan Actually Help?
Does your IR Plan Help During a Breach? ... Read More
Supplier Hacked? Next Steps to Take
It's not a call you want to get. One of your suppliers is in touch to let you know they have been victimized by a cyber-attack. Whether it was ransomware or a phishing scheme or just a malicious file that someone clicked on, you immediately start thinking about the ramifications ... Read More
How Understanding Cybersecurity Threats Influences Your Defenses
There are the threats you know of. Then, there are the threats you should actually be defending against. Right now, some people think that these are the big cybersecurity monsters: ... Read More
How Not to Pay a Ransom (Twice)
I can say it until I’m blue in the face: don’t pay the ransom, ever. Period. Even if you’re the victim of a ransomware attack, don’t pay the hackers.In fact, I wrote an article explaining why paying the ransom only leads to more problems for your organization in the long ... Read More
Evaluating Paths to Incident Response
If you're reading this, chances are you’re actively trying to improve your security to prevent a breach, or you're experiencing a breach right now and trying to determine what to do about it.Most of the advice you've found so far probably has you writing an incident response (IR) plan and ... Read More
