According to a recent SANS report, 68% of organizations identify the lack of training and skilled staff as the primary barriers to operating a successful threat-hunting team. This year’s analysis found that 51% of security teams consider their threat-hunting posture as still maturing, acknowledging the need to...
No matter what aspect of cyber security you’re delivering, it takes both time and resources to properly plan, implement, tune, and manage an effective program. The MITRE ATT&CK framework is one of the fastest growing methodologies for structuring a cyber security program.
This white paper discusses the MITRE...
A major cause of corporate IT disruption stems from advanced unknown malware, phishing, and custom crafted attacks. Advanced malware is decidedly different from the malware detected by traditional signature-based anti-malware solutions, as it is engineered to avoid detection using sophisticated evasion techniques. Even...
Virtually all organizations have experience dealing with outages, system failures and breaches, especially over the last two years. But why were some able to handle them better than others?
We surveyed over 2,100 SecOps, ITOps and DevOps leaders at large organizations across more than seven key industries.
We...
The increasing digital connectivity of industrial networks opens them up to cyber threats, underscoring the importance of protecting not just IT systems, but also operational technology (OT) systems. An analysis of the most prominent cyberattacks that occurred over the past five years across a variety of industries...
Cyberattacks focusing on IoT-connected devices present an additional challenge for critical infrastructure organizations in 2023, due to the large number of vulnerable smart devices that can be compromised remotely.
Explore this research which evaluates the threat landscape from July to December 2022 to report on...
The industrial control system (ICS)/operational technology (OT) security community is seeing attacks that go beyond traditional attacks on enterprise networks. Adversaries in critical infrastructure networks have illustrated knowledge of control system components, industrial protocols, and engineering operations. From...
Undetectable digital threats are unfortunately a part of the modern day era, and they cause various issues that escalate rapidly. It’s crucial to be able to detect and respond to an incident rapidly and effectively.
Having a secure framework in place, ready to deploy, can rapidly remedy any immediate threats and...
Is your data security practice all that it should be? This ebook looks at five of the most prevalent and avoidable data security missteps organizations are making today, and how these "common pitfalls" can result in potentially disastrous attacks. Read now to see if your organization’s data security practices are...
The Active Adversary Playbook 2022 details the main adversaries, tools, and attack behaviors seen in the wild during 2021 by frontline incident responders. Adversaries continuously adapt and evolve their behavior and toolsets, leverage new vulnerabilities and misuse everyday IT tools to evade detection and stay one...
It all started at the end of July 2018, following a fire in an electrical substation that led to a power outage for citizens and a major train station in Paris. Because of the time of year, RTE, the manager of France’s electrical infrastructure, found itself in the middle of a controversy about its responsiveness....
Having an incident response plan in place is essential for any engineering organization. A plan helps keep every person, tool, and process involved in your incident response workflow working together cohesively. Oftentimes, incident response workflows are reactive, disorganized processes that move slower than...
As the pandemic abruptly shifted the work landscape, cyber attackers quickly evolved their tactics, which include ransomware, business email compromise, and account takeover attacks. And phishing attacks are persistent. But guess what. So are we.
Proofpoint is a vendor with an end-to-end solution. We're confident that...
Starfleet Research reveals how top-performing organizations use advanced IoT security to protect network-connected devices from known and unknown threats. It also shares recommendations for leveraging machine learning to provide the visibility required to find and secure all IoT devices—known and unknown.
The...
Business email compromise (BEC), also known as email fraud, is one of cybersecurity’s costliest and least understood threats. As BEC schemes have evolved, industry nomenclature has outlived its usefulness. Without a framework to describe and break down BEC attacks—let alone conceptualize them—researching and...