The Associated Press recently reported that email addresses of top DHS officials had been compromised as part of the massive SolarWinds hack. According to a DHS spokesperson, “a small number of employees’ accounts were targeted in the breach” and the agency “no longer sees indicators of compromise on our networks.” But what does that actually […]
by Will Gragido – Chief Strategy Officer, Prevailion What You Need and Why You Need It Target intelligence is intelligence that is derived from a unique tradecraft driven counterintelligence approach that empowers security teams with immediately actionable evidence of compromise (EoC). An uncommon capability whose time has arrived after decades of failed promise and often bitter […]
Whether it’s vendors that provide an external grade/score of a company’s risk, threat intelligence platforms or vulnerability management vendors, everyone is looking for the ultimate “risk score”. A Risk Score is like a home inspection report. It makes us feel like we are making good decisions in buying a new home by telling us what […]
Over a decade ago, security researchers at Microsoft identified a computer worm and dubbed it Ramnit. The malware family, “infects Windows executable files (.EXE) and HTML files (.HTML). It can also give a malicious hacker access to your PC. It spreads through infected removable drives, such as USB flash drives,” Microsoft warned. Fast forward to […]
Detecting and containing a data breach takes the better part of a year, approximately 280 days, for the average organization, according to IBM’s 15th annual Cost of a Data Breach Report, Unfortunately, the longer it takes to identify a breach, the bigger the price tag of the overall breach lifecycle. This year’s report found that […]
When conducting an audit of your cybersecurity plans, it’s important to reassess risk and evaluate whether established policies and procedures are both effective and actionable. To aid in cyber compliance, CSO Online said the updated compliance guidelines issued by the Department of Justice, “has particular relevance to the cybersecurity practices of organizations when it comes […]