July 2020

Lower the Price Tag of a Data Breach with Threat Intelligence

Detecting and containing a data breach takes the better part of a year, approximately 280 days, for the average organization, according to IBM’s 15th annual Cost of a Data Breach Report, Unfortunately, the longer it takes to identify a breach, the bigger the price tag of the overall breach lifecycle.  This year’s report found that more than half (52%) of breaches are the work of malicious actors. Of those, 13% of breaches are reportedly caused by nation state attackers.The findings also revealed that more attackers are using compromised credentials and leveraging...

Share Post

SecDevOps Engineer

The SecDevOps Engineer works in Prevailion’s Intelligence team. In this role, you will work collaboratively with internal teams to deploy, manage, and maintain systems and infrastructure key to the Intelligence team’s success and growth and that of Prevailion....

Share Post

Evidence of Compromise – No Fun for CISOs

Meet Ellen. As CISO for a regional bank, she spends her time spreading security awareness, coaching her managers, and supporting the selection of security tools. Ellen doesn’t know that her bank has been compromised, or that a nation-state has been funneling data out of her network with impunity. After three years of pleasant ignorance, Ellen happily retires from the bank and moves to Florida where she enjoys sailing....

Share Post

More evil: A deep look at Evilnum and its toolset

ESET has analyzed the operations of Evilnum, the APT group behind the Evilnum malware previously seen in attacks against financial technology companies. While said malware has been seen in the wild since at least 2018 and documented previously, little has been published about the group behind it and how it operates....

Share Post

How Auditors Can Make Compliance Programs More Effective

When conducting an audit of your cybersecurity plans, it’s important to reassess risk and evaluate whether established policies and procedures are both effective and actionable. To aid in cyber compliance, CSO Online said the updated compliance guidelines issued by the Department of Justice, “has particular relevance to the cybersecurity practices of organizations when it comes to, for example, data breach and other security-related lawsuits.” Essentially, the document outlines how to assess, “whether a particular compliance program works in practice.” Toward that end, the guidelines pose three questions that every compliance...

Share Post