The Two Faces of AI in Identity Management
The advent of AI made identity the most-targeted part of the attack surface. But without AI, identity is a sitting duck ... Read More
Finding the Right Tools for Response and Visibility in the SOC
One of the more difficult tasks for a cybersecurity professional—from the CISO to the person responsible for log management in the SOC—is to convey the importance of security, compliance and governance to those within the company who aren’t cybersecurity professionals. The biggest problem comes at the board level, according to ... Read More
AI in the SOC
AI does what humans can’t do alone, even with a SOC—defend against dynamic and progressive cyberattacks ... Read More
The Mature SOC’s Role in Security Operations
There is a lot of talk about building an effective cybersecurity program, with security analysts recommending that your organization strive for cybersecurity maturity. But what do they mean by maturity, and what is the role of the SOC in reaching that point? Cybersecurity maturity measures the success of the security ... Read More
Considering the Cost of Failure in Security Operations
How do you measure the cost of failure? This was a question posed by SecureIQLab’s VP of Research and Corporate Relations, David Ellis, and senior analyst Randy Abrams, during a conversation at RSA Conference 2023. The knee-jerk, instantaneous answer is that the cost of failure is equal to the dollar ... Read More
The FBI Could Help Retrieve Your Data After a Ransomware Attack
To pay or not to pay? That is the question leadership and security teams ask whenever they deal with a ransomware attack. The recommendation from the FBI is to not pay, stating on its website that “paying a ransom doesn’t guarantee you or your organization will get any data back ... Read More
Understanding the Progression of a Ransomware Attack
Everyone should be familiar with ransomware and its impact on businesses by now. But while you may understand the very basics of ransomware, you can’t really protect your organization until you are familiar with the entire ransomware attack life cycle from the time threat actors get into your system until ... Read More
How Poker Skills Help Guide Ransomware Payment Decisions
A ransomware attack does more than just hold your data hostage. It can create situations that end up crippling your organization’s ability to move forward or make good, effective decisions quickly. Even those companies that have a ransomware response plan in place may wonder whether their decision to pay—or not ... Read More
Advice from the ISACA Ransomware Response Checklist
A decade ago, most companies realized that being hit with a data breach was inevitable—the well-known “when, not if” statement drove that idea home. The time has come to make a similar realization about ransomware. Tenacious cybercrime rings and the easy availability of ransomware toolkits, as well as the financial ... Read More
Has the Altruism Model of Open Source Security Peaked?
With an executive order, the Biden administration attempted to address concerns around open source software’s security. In Section 4 of Executive Order 14028, Improving the Nation’s Cybersecurity, open source and the software supply chain was specifically mentioned, with a requirement for “ensuring and attesting, to the extent practicable, to the ... Read More
