Threat hunting is a human-led, machine-assisted initiative, where hunters look at datasets and patterns to determine whether there’s malicious activity or an active adversary in the network. As companies try to stay ahead of the latest, ever-evolving threats, it’s a practice that has become increasingly important to help monitor and manage what’s happening on the…
What’s in a Brain? In my previous blog [CS(1] , I explored how we should approach automation using the Triune Model of the human brain. I broke down how many view our metaphorical brain in three key functional parts: the lizard, the dog, and the primate. I explained how each of those areas function and how…
As our businesses become more digital, there are certain patterns we can borrow from our own evolution to better model and improve our approach to security and efficiency. There’s only so much that the security professionals can do on their own as businesses grow more complex. To maintain a strong security posture, you need to…
Although deepfakes have only been around for a few years, they are quickly becoming a key element in a new era of digital threats. While some teeter on the more comical side – think Will Smith turned into Cardi B on The Tonight Show – others are creating disillusionment and propelling the era of fake…
While some in the industry are making the argument that enterprises don’t need VPNs anymore (principally vendors that don’t offer VPN solutions), nothing could be further from the truth. To mangle Mark Twain’s famous quote, press reports of the death of VPN are greatly exaggerated. VPNs remain the proven and reliable method of providing protected…
Ransomware is by far and away the fastest growing attack method in cybercrime. It’s a trend that has only continued in 2019, with a serious uptick in the number of ransomware incidents and insurance claims in just the last couple of months. As the volume and efficacy of attacks continue on an upward trajectory, another…
Traditional security solutions were designed to identify threats at the perimeter of the enterprise, which was primarily defined by the network. Whether called firewall, intrusion detection system, or intrusion prevention system, these tools delivered “network-centric” solutions. Innovation was slow because activity was dictated, in large part, by the capabilities, and limitations, of available technology resources.…
The end user computing landscape has undergone massive shifts as the way employees prefer to work has dramatically changed over the past decade. Consider the not-so-distant days of when all employees came into a physical office location daily and logged into a stationary, company-issued computer that was connected to a secure corporate network. Things look…
In today’s world, it may be tempting for smaller businesses to avoid addressing cybersecurity when it’s often large, well-financed corporations that are making headlines for experiencing data breaches. That may explain why smaller businesses, a market segment where more than 50 percent of companies do not have a strategy to address IT security, are particularly…
While presenting to 300 CEOs of large companies at a recent conference, I asked for a show of hands if their organizations are driving digital transformation. Raised hands filled the room. I then said, “Keep them up if you’ve transformed your security infrastructure as well.” Almost every hand dropped, and I was met with blank…
