Resources

Blog

Tips for Defending Against Adversarial Actions Regardless of Their Origin

When an unfortunate event occurs, people tend to be curious about who was responsible for the event. It can be interesting and helpful to know who your enemy is and what their motives might be. But in cybersecurity, the primary focus is ultimately on preventative and detective measures to avoid similar issues. Let’s use a recent example to illustrate...
Blog

Designing a 100-Day Sprint for OT Cybersecurity: What to Consider

As we begin a new year, many organizations will enter a “goal-setting and strategic planning” season. During this time, individuals are re-energized and motivated to record new accomplishments for their professional development. Traditional corporate goal setting aligns with fiscal calendars and forces companies and individuals to build goals in...
Blog

How to Fulfill Multiple Compliance Objectives Using the CIS Controls

Earlier this year, I wrote about what’s new in Version 8 of the Center for Internet Security’s Critical Security Controls (CIS Controls). An international consortium of security professionals first created the CIS Controls back in 2008. Since then, the security community has continued to update the CIS Controls to keep pace with the evolution of...
Blog

The Supply Chain Needs Better Cybersecurity and Risk Management

The supply chain is under a historic amount of pressure, but the strain on its cybersecurity and risk management may be in even worse condition. As 2021 draws to a close, the global supply chain is in a state comparable to rush-hour traffic in bad weather. Everything seems to be backed up whether due to supply and demand issues, wait times at...
Blog

Why Is It Important to Invest in OT Cybersecurity for 2022?

As we enter 2022, it’s important that organizations invest in cybersecurity for their operational technology (OT) systems. Why? One of the reasons is that Industry 4.0 can sometimes introduce more risk for OT. This is evident in several Industry 4.0 market trends. For example, there’s digital twin infrastructure. That’s where you make a digital...
Blog

How Should Organizations Tackle Their Data Privacy Requirements?

Data is among the most valuable assets that need to be safeguarded at all costs. But in the digitally-driven business world, cybercrimes are prevalent, making data protection and data privacy a main focal point. The increasing use of technology and the growing exposure to evolving cyber threats have dramatically changed the data security and privacy...
Blog

Malicious USB drives are being posted to businesses

A notorious cybercrime gang, involved in a series of high profile ransomware attacks, has in recent months been sending out poisoned USB devices to US organisations. As The Record reports, the FBI has warned that FIN7 – the well-organised cybercrime group believed to behind the Darkside and BlackMatter ransomware operations - has been mailing...
Blog

The 5 Stages of a Credential Stuffing Attack

Collecting Credentials Many of us are fond of collecting things, but not everyone is excited about Collections #1-5. In 2019, these Collections, composed of ca. 932 GB of data containing billions of email addresses and their passwords, made their way around the Internet. These collections weren't breaches but compilations of emails and passwords...
Blog

VERT Threat Alert: January 2022 Patch Tuesday Analysis

Today’s VERT Alert addresses Microsoft’s January 2022 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-981 on Wednesday, January 12th. In-The-Wild & Disclosed CVEs CVE-2022-21919 This vulnerability was a bypass to CVE-2021-34484, released by the same researcher, Abdelhamid Naceri. The...
Blog

What Is FIM (File Integrity Monitoring)?

Change is prolific in organizations’ IT environments. Hardware assets change. Software programs change. Configuration states change. Some of these modifications are authorized insofar as they occur during an organization’s regular patching cycle, while others cause concern by popping up unexpectedly.Organizations commonly respond to this dynamism by...
Blog

Tripwire Patch Priority Index for December 2021

Tripwire's December 2021 Patch Priority Index (PPI) brings together important vulnerabilities for Apache, Ubuntu Linux Kernel, and Microsoft. First on the patch priority list this month are patches for Apache Log4j2 vulnerabilities, most importantly for the Log4j2 "LogShell" remote code execution vulnerability. There are many attack vectors via...
Blog

How Will ISO 27701 and the GDPR Affect Your Organization?

Companies today face increasing pressure to implement strong cybersecurity controls. While the U.S. has no comprehensive cybersecurity law, many organizations still fall under state, international, or industry regulations. Two of the most prominent controlling publications are the General Data Protection Regulation (GDPR), and the ISO 27701 standard...
Blog

Can We Lighten the Cybersecurity Load for Heavy Industries?

One of the biggest problems with the IT / OT convergence in critical infrastructure is that much of the legacy hardware cannot simply be patched to an acceptable compliance level. Recently, Sean Tufts, the practice director for Industrial Control Systems (ICS) and Internet of Things (IoT) security at Optiv, offered his perspectives on where the...
Blog

Tips, Advice, and Insights on Achieving Buy-in for Cybersecurity Projects

A CISO’s job can be one of the most stressful in cybersecurity. It can sometimes feel like an avalanche of responsibilities, all in the pursuit of keeping an organization safe. The problem more often than not comes down to the issue of obtaining funding for new technology that can make the job easier. In reality, CISOs can't always obtain the...
Blog

Integrity: A Key Facet of Zero Trust

On May 12, The White House published its Executive Order (EO) on Improving the Nation’s Cybersecurity. The directive outlined a set of focus areas intended to improve cybersecurity for the federal government and critical infrastructure sectors including information sharing, supply chain security, endpoint detection and response, and cloud security. ...