Cybersecurity Executive Insight, opinions and analysis l SC Media

Executive Insight

jerome segura

Malvertising: the invisible enemy

For years, cybercriminals have leveraged malvertising, or malicious advertising, to deliver malware.  Without a doubt, malvertising is the ultimate weapon for criminals to gain access to a wide audience visiting popular websites, and at the same time be able to precisely target potential victims. And they can do all of this without being seen. Malvertising…

Limor Kessem

IoT? I don’t care

Is lax consumer attitude piling up IoT risk? Internet of Things, or IoT, is the third, natural wave of progression in the development of the Internet. People all around the globe are already using the IoT, enjoying it, and expecting to see more convenience and utility from it. IoT is definitely popular, judging by statistics…

New York’s new cybersecurity requirements: Are you ready

The New York State Department of Financial Services (DFS), has implemented a new regulation requiring all its supervised companies to comply with the Financial Services’ Cybersecurity Requirements which goes into effect March 1, 2017. This is being publicized as the “First-in-the-Nation Proposed Rule Aims to Protect Consumer Data and Financial Systems from Terrorist Organizations and…

It’s 2017: Is anything not critical infrastructure?

Here is my question for each of us to ponder—with respect to our public and private lives alike. Have we contemplated the parameters of critical infrastructure in a connected world? You know, a world where your grandmother’s new “intelligent” refrigerator could be linked to the takedown of the U.S. Federal Reserve or a network-enabled HVAC…

Measuring Your Incident Response Program

Your company has done its homework and put a strong incident response plan in place. Great work. Time to move on until a crisis manifests and you need to “pull it off the shelf” right?  Unfortunately, the real work has just begun. Your company must constantly improve and test the effectiveness of its incident response…

Want to cripple your attackers R&D arm? Look for them on your network…

As I explained in a previous post, hacking back can not only constitute a crime, but it rarely does any significant damage to the somewhat advanced attacker, given the disposable, tactical nature of the attacker’s assets that are typically targeted and exposed during a hack-back operation.  Inflicting significant damage to a cyber attack organization is…

Accountants are not the only people preparing for tax season

Tax season is upon us and that means the bad guys will be getting very busy over the next few months. Tax season is historically a golden opportunity for malicious actors to scam victims out of their tax refunds as well as their very identities. In the first two weeks of this new year we…

maxim weinstein

Finding your ideal endpoint protection—next-gen or otherwise—to achieve prevention, detection and response.

In my last post, I concluded that choosing the endpoint security solution that best fits your business is more important than debating whether a product is or isn’t “next-gen.” This time around, I’ll share some considerations for how to go about finding that ideal solution. If you’re considering an endpoint security change, it’s likely because…

MongoDB: The case for not paying the database hijackers

Thousands of MongoDB databases held for ransom In the last weeks, it’s come to light that thousands of MongoDB databases have been hijacked.  At last count, there have been over 30,000 databases being held for ransom.  The various people responsible for the hijackings are accepting payment through bitcoin.  You shouldn’t pay! What is MongoDB? MongoDB…

Next post in Executive Insight