David Bisson, Author at Security Boulevard

What Is Log Management and Why you Need it

| | FIM, SCM, Security Controls
To remain competitive in the digital age, organizations frequently introduce new hardware devices and software installations to their IT environments. The problem is that these assets might suffer from vulnerabilities that attackers could misuse, if unpatched, to change a device’s configuration or make unauthorized modifications to some of the organization’s ... Read More

5 Ways to Navigate the Threat Landscape Conveyed in Verizon’s DBIR 2021

On May 13, Verizon released its Data Breach Investigations Report (DBIR) 2021. This annual publication serves many purposes. It yields context into what security analysts are seeing, for instance. But it also affects organizations’ security postures at an even higher level. Here’s Anthony Israel-Davis, research and development manager at Tripwire, ... Read More

How Tripwire Can Help to Defend Against Ransomware

Ransomware is having a bit of a moment. Check Point revealed that ransomware attacks increased 102% globally in H1 2021 compared to the start of the previous year, with the number of corporate ransomware victims having doubled over that same period. Average ransom payments also grew 171% from $115,123 in ... Read More
Accenture Responds Following LockBit Ransomware Attack

Accenture Responds Following LockBit Ransomware Attack

Global IT consultancy company Accenture announced that it has fully restored its systems after experiencing a LockBit ransomware attack. On August 11, Accenture shared details about an incident involving some of their IT assets ... Read More

White House Memo Takes on Securing Critical Infrastructure Control Systems

Attacks targeting critical infrastructure have been on the rise in recent years. Back in 2019, for instance, 56% of utility professionals responsible for overseeing risk in their organizations’ operational technology (OT) assets told Siemens and the Ponemon Institute that they experience at least one shutdown or operational data loss event ... Read More

What’s New in v8 of the CIS Controls

Back in 2018, the State of Security spent a lot of time going over v7 of the Center for Internet Security’s Critical Security Controls (CIS Controls). We noted at the time how the Center for Internet Security shuffled the order of requirements for many of the existing controls in that ... Read More
DOJ Recovers $2.3M in Bitcoin Ransom Paid by Colonial Pipeline

DOJ Recovers $2.3M in Bitcoin Ransom Paid by Colonial Pipeline

Investigators recovered $2.3 million in bitcoin paid by the Colonial Pipeline Company to DarkSide following a ransomware attack in early May. On June 7, the Department of Justice (DOJ) revealed that law enforcement agencies had been tracking transfers of bitcoin when they spotted the movement of 63.7 bitcoins associated with ... Read More

Understanding the Cloud Security Challenges for SMBs

The events of 2020 didn’t prevent small- to mid-sized businesses (SMBs) from adopting the cloud. Impact Networking reported that SMBs’ overall cloud spending grew 6.3% between 2019 and 2020. Such growth is projected to lead more than a third (35%) of SMBs to annually spend between $600,000 and $1.2 million ... Read More

“Network Security” the Biggest Concern for Public Cloud Adoption, Reveals Survey

Cloud misconfigurations represent something that’s plaguing many organizations’ cloud adoption efforts. For example, a 2020 report found that 91% of cloud deployments contained at least one misconfiguration that left organizations exposed to potential digital threats. Those weaknesses contributed to more than 200 data breaches between 2018 and 2020, noted SC ... Read More
Record Setting $40M Ransom Paid to Attackers

Record Setting $40M Ransom Paid to Attackers

CNA, one of the largest U.S. commercial and casualty insurance companies, reportedly met a $40 million ransom demand after suffering a ransomware infection earlier in the year. As of this writing, that’s the largest ransom demand ever reported to have been paid by a company following a ransomware attack ... Read More