Resources

Blog

EU Is Tightening Cybersecurity for Energy Providers

The energy sector is having a tumultuous decade. During the COVID pandemic, the price of oil plummeted. In 2021, a ransomware attack forced one of the US’s most significant oil pipelines to cease operations for five days, causing a state of emergency in seventeen states. Putin’s war in Ukraine has disrupted natural gas supplies across Europe. And now, it seems, it is the electricity providers’...
Blog

Data Destruction: The Final Line of Defense Against Cyber Attacks

Data is the lifeblood of modern organizations, and while watertight data protection policies are undeniably crucial, the need for robust data destruction methods has never been more pressing. Ultimately, all parties and vendors in your supply chain trust you to maintain the integrity of their data. Once that data is no longer needed, transparency...
Blog

Measuring the Effectiveness of File Integrity Monitoring Tools

A security incident can be the result of a single unauthorised change. A few may say, 'one change is inconsequential, don't sweat the small stuff.' But when it comes to infrastructure security, the detail is of paramount importance! Just a single edit to a single line item can have a negative effect on an entire file or operating system. It's...
Blog

Cloud Sprawl: How to Tidy It Up

Cloud computing offers indisputable benefits, but with the caveat that it can quickly become a disorganized jumble unless adequately managed. It’s common for the average organization to use dozens of cloud instances, solutions, and resources scattered across multiple platforms. Such off-premises services quickly accumulate to accommodate the company...
Blog

Achieving Automated TISAX Compliance

Cyberattacks on the automotive industry are becoming more sophisticated. In its 2024 Automotive Cybersecurity Report, Upstream found that 50% of all automotive cyber incidents in 2023 had a high or massive impact. Similarly, 95% of all attacks in 2023 were executed remotely, and 37% of attacker activities in the deep and dark web target multiple original equipment manufacturers (OEMs)...
Blog

How Criminals Are Leveraging AI to Create Convincing Scams

Generative AI tools like ChatGPT and Google Bard are some of the most exciting technologies in the world. They have already begun to revolutionize productivity, supercharge creativity, and make the world a better place.But as with any new technology, generative AI has brought about new risks—or, rather, made old risks worse. Aside from the much-discussed potential "AI apocalypse" that has...
Blog

10 Years in Prison for $4.5 million BEC Scammer Who Bought Ferrari to Launder Money

A scammer has been sentenced to 10 years in prison for laundering over US $4.5 million obtained by targeting businesses and the elderly with Business Email Compromise (BEC) and romance fraud scams. Malachi Mullings, a 31-year-old from Sandy Springs, Georgia, was charged with opening 20 bank accounts in the name of a sham company, The Mullings Group LLC, to launder millions of dollars generated...
Blog

HITRUST: the Path to Cyber Resilience

Much has been made of cyber resilience in recent years. And with good reason: failing to bounce back quickly from a security event can have dramatic financial consequences. In early 2023, Royal Mail took several days to recover from a Lockbit cyberattack, losing upwards of £10 million in the process. However, for all the talk about resilience, the industry seems to be overlooking one of its...
Blog

Top 7 Cybersecurity Trends for Enterprises in 2024

How can an organization prepare to be cyber-resilient in 2024? The major trends to look out for seem to focus mainly on AI. While the rise of generative AI indeed poses challenges, executives should be cautious not to miss other critical trends that will shape the cybersecurity landscape this year. AI-driven Social Engineering Since the advent of...
Blog

The UK’s Cybersecurity: Where Is it and Where Is it Going?

In early April this year, the UK's Department for Science, Innovation and Technology (DSIT) released its Cybersecurity Breaches Survey 2024. It provides a comprehensive overview of the UK's cybersecurity landscape, exploring the different cyberattacks and cybercrimes businesses, charities, and private sector educational instructions face, the...
Blog

The Interplay of AI and Cybersecurity: Survey Results

Artificial intelligence (AI) has a long and storied history. Ancient Greeks, for example, told stories of Talos, an enormous automaton that stood guard over Crete’s shores. In the 17th century, Gottfried Leibniz, Thomas Hobbes, and René Descartes explored the possibility that all rational thought could be as systematic as algebra or geometry. By the...
Blog

Closing the Skills Gap for Women in Cybersecurity

Cybersecurity is more important than ever. With a skyrocketing number of cyber threats and data breaches, organizations are always on the lookout for ways to strengthen their online defenses. However, one major obstacle the cybersecurity sector faces is a lack of diversity and representation of women. According to Cybersecurity Ventures research,...
Blog

Making Data Integrity Easy: Simplifying NIST CSF with Tripwire

When you think of the cybersecurity "CIA" triad of Confidentiality, Integrity, and Availability, which one of those is most important to your organization? While the answer may vary by season for your organization, there is no argument that they are all equally vital sides of that CIA triangle, and each deserves the correct level of care and attention...
Guide

What Experts Have to Say About Choosing the Right Cybersecurity Frameworks

Frameworks like the Center for Internet Security (CIS) Controls, MITRE ATT&CK and the National Institute of Standards and Technology (NIST) Cybersecurity Framework give organizations clear, step-by-step methodologies for protecting their sensitive data, leveraging a wealth of industry knowledge to take the guesswork out of your security program.While these cybersecurity frameworks aren’t mandatory...
Guide

Staying Current With the Transportation Security Administration’s Oil and Gas Security Directives

Escalating cyberthreats in the oil and gas industry underscore the need for substantial collaboration between public and private sectors to mitigate this national security risk, and much of this responsibility falls on the shoulders of individual pipeline operators who need to comply with the Transportation Security Administration (TSA) Security Directive.Despite being best known for its role in...
Blog

Top 7 Technical Resource Providers for ICS Security Professionals

Attacks against industrial control systems (ICS) are on the rise. Cyberattacks are more prevalent, creative, and faster than ever. So, understanding attackers' tactics is crucial. The IBM Security X-Force Threat Intelligence Index 2023 highlights that backdoor deployments enabling remote access to ICS systems were the most common type of attacker...
Blog

Understanding the Key Differences Between FIM and EDR

File integrity monitoring (FIM) and endpoint detection and response (EDR) are two cybersecurity solutions that are often foundational aspects of organizations’ security strategies. EDR is implemented in order to stop known and unknown threats at endpoints, often with advanced functions such as behavioral monitoring and analysis, antivirus protection...
Blog

VERT Threat Alert: May 2024 Patch Tuesday Analysis

Today’s VERT Alert addresses Microsoft’s May 2024 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1106 as soon as coverage is completed. In-The-Wild & Disclosed CVEs CVE-2024-30040 Up first this month, we have a security feature bypass in MSHTML. More specifically, we have an Object...
Blog

Insider Threats Maintain a Rising Trend

“When the cat’s away, the mouse will play,” the old adage goes. Filings to anti-fraud non-profit Cifas would support that claim, as Insider Threat Database (ITD) reports rose by 14% this past year and are largely attributable to hard-to-monitor work-from-home employees mixed with “increasing financial pressures.” The report details further incidents...