Context

Tip of the Spear: Evidence of Breach and Breach Intelligence

Introduction

For quite some time we at Prevailion have been speaking publicly about the nature of the differences between Prevailion and other vendors in the threat intelligence market, and for good reason. There are two key concepts at the forefront of every discussion that I and my peers have about who we are, what we do, and why we are unique: Evidence of Compromise (EoC), and Compromise Intelligence (CI). There is little that leads me to believe as I write this blog that there are any vendors current or emerging who are approaching...


Broken Security Promises and the Big Threat from Smaller Partners

When two companies are directly connected to each other, they need to believe that the other is doing all it can to shore up its defenses. What happens, though, when the relationship between two companies is distinctively different and imbalanced because of size? Enterprises, while often the target of sophisticated actors, have a sizable IT and security budget that allows them to build defense in depth. That’s not always the case for small businesses, which leaves them vulnerable to cyberattacks. The US Small Business Administration recently reported, “88% of small business...


Human Fallibility: A Threat that Flows Through Your Entire Downline

Earlier this year Dark Reading published a six-part series, “Cybersecurity and the Human Element: We’re All Fallible,” in which the authors examined common mistakes of end users as well as the potential repercussions of human error. All signs supported their claim that we are indeed all fallible. Human beings are vulnerable to exploitation, but security practitioners know this. Thus, it's not really human beings that are the problem. The greater threat is that when attackers are successful through this vector, malware can infiltrate the network and hide out completely...


What’s Missing in Third-Party Risk Assessments

Assessments are important. You’d be hard-pressed to find any cybersecurity professional who would argue they aren’t needed, but the problem with third-party risk assessments is that they are far from comprehensive. Understanding the hygiene and potential vulnerabilities of an organization is incredibly important. But it doesn’t reveal the full picture. A point-in-time assessment of an organization is not enough because it doesn’t offer an exhaustive understanding of the risks. There are dynamic--and often undetected--problems specific to malware delivered by extremely sophisticated and versatile threat actors. These actors have the ability to...


Ransomware Gangs Continue to Shame Victims

Everyone has something to hide. The beauty of that truth for hackers is that even if they don’t know their target’s dirty little secrets, they know that no one wants their secrets exposed. The mere threat of being publicly shamed may be enough to make some victims pay. Businesses, though, don’t have personal secrets. They have customer data and intellectual property, which they are responsible for protecting. So when the malicious actors operating the Maze Ransomware launched “Maze News” in November, they may have seen a spike in the number of...


An Apple A Day Won’t Keep Malware Away

When researchers at Independent Security Evaluators published their 2016 report, Hacking Hospitals, the idea that vulnerabilities in medical devices could result in patient harm seemed like a serving of FUD (fear, uncertainty and doubt). Four years later, as we debate how and whether to return to life as we knew it before quarantine, there is irrefutable evidence that the health care sector is highly vulnerable to attack. From daily news stories to scholarly articles, security experts continue to warn of the cyber threats the health care sector is facing, yet they...


How Effective Are Your Security Investments?

According to the annual ESG survey, 60% of companies said they were targeted with a ransomware attack in 2019. Not surprisingly, those organizations are looking to augment their cybersecurity tools and processes. Defense in depth has long been touted as a reliable approach to securing the enterprise, and the strategy of adding layers has led to increased security spend. Notably, “62% of organizations will increase their security spending in 2020, continuing a multi-year boom in security technology investments,” the report said.

The Risks of Too Many Layers

Spending more money on security...


Visibility is Key to Securing Election Infrastructure

While many feel that they are living in Groundhog Day, the days and weeks do continue to pass us by, bringing the 2020 Presidential election closer with still no clear path for securing the election process. Recognizing the risks, the National Institute of Standards and Technology (NIST) published a document on risk management for election security. NIST certainly isn’t the only government (or non-government) agency to offer such guidance because the issue of election security is complex and further complicated by more than old technology. What are the risks? That’s not...


The Q1 2020 Apex Report

How did a group of criminals come to be responsible for such a costly enterprise? Threat actors are distributed, and they don’t form one cohesive group, but the holes they've punched in organizations and governments through infiltration, compromises, and breaches have collectively amounted to this staggering estimate....
