As the Russia-Ukraine war continues, cybersecurity officials say the risk of attack spillover - and perhaps the direct targeting of critical infrastructure sectors outside Ukraine - remains high. The memo for CISOs is clear: Remain prepared.
In the latest "Troublemaker CISO" post, security director Ian Keller discusses the issue of supply chain security and whether you should disclose information about your supply chain to companies as part of the effort to secure it. His conclusion: Build your defenses and trust no one.
CyberEdBoard executive member Archie Jackson says security needs to be embedded by design at the inception of a project. He discusses how SASE is networking plus security plus identity and outlines how Network as a Service and Network Security as a Service combine to create SASE.
Two signs that the tide may finally, if slowly, be turning on ransomware: The number of victims who choose to pay continues to decline, while the amount they pay - when they choose to do so - recently dropped by one-third, reports ransomware incident response firm Coveware.
Does it ever feel like you can't fight that REvil/Sodinokibi ransomware feeling anymore? Victims might be all out of love with attacks launched under the banner of the group, which is tied to more than $200 million in losses, but despite repeated disruptions, REvil keeps returning - at least in name.
Don't stockpile cryptocurrency in case your organization falls victim to ransomware-wielding attackers and opts to pay a ransom. This might seem obvious to anyone aware of the volatility in Bitcoin's value, but some organizations reportedly used to employ this incident response strategy.
Marco Túlio Moraes of OITI, who is a CyberEdBoard executive member, confronts the metaphor of the cyberthreat as a bear in the forest and discusses how an organization must actively assess its environment, understand what its main risks are, and define a strategy to deal with them.
Security orchestration, or SOAR - Security Orchestration, Automation and Response, as it is known to some - is still an area in development, so there are misconceptions about its scope of use and effectiveness for a SOC team. Claudio Benavente discusses the top five security orchestration myths.
KKR plans to buy Barracuda Networks to support growth in managed detection and response, extended detection and response, and secure access service edge. KKR plans to provide resources and expertise to fuel Barracuda's growth past the $500 million sales figure it hit under Thoma Bravo's ownership.
Four years ago, Palo Alto Network coined the term XDR - extended detection and response. Today, Bruce Hembree, field CTO of Cortex - Palo Alto Networks, discusses the state and promise of XDR adoption, particularly for smaller security teams.
When it comes to advanced threat response, 42% of financial institutions say their current abilities are average. Only 35% say automation currently plays a strong role. Josh Zelonis of Palo Alto Networks and Sid Srivastava of Accenture analyze the State of Security Automation in Financial Services.