Information Security Blog

There is the hotel chain, the genealogy site, and the social media platform used by billions. These are just a few of the companies in 2018 that experienced a megabreach, which is the loss of 10 million records or more. With more individual records exposed in the first six months of 2018 than in all of 2017, one could call 2018 “The Year of the Megabreach.” Read how 2018 represents more than a surge in the breach statistics and what social media influencers are predicting for 2019.

When I was preparing to write this blog, I spent time reviewing the 2018 Gartner Magic Quadrant for Security Information and Event Management report, then reviewed my analysis from the 2017 report. A few trends emerged. After reading this year’s report, my conclusions on the SIEM landscape are as follows:
– Threat management is paramount for growth
– Analytics is key
– SIEMs must be end-to-end

Learn what an insider threat is and how they can hurt an organization, as well as best practices for preventing damage to your company from this common problem.

Exabeam’s 2018 State of the SOC Report dove into the mindset of those in the cybersecurity trenches, as well as the managers and CISOs who lead them. Their views on critical aspects of operations, technology, hiring, and staffing provided key insights on how organizations can maintain a well-run and effective SOC. The study also reveals several common concerns—ranging from staffing and retention to frustration over legacy technologies. And it found a surprising degree of separation between the perspectives of top management and their frontline security analysts.

Most security analysts start their day with a common question: “What should I be working on today?” The answer can have serious ramifications. On a daily basis, analysts typically must confront an overwhelming number of security alerts, with no actual means to prioritize them. The unfortunate fact is that too often the massive number of security alerts lack the context that’s needed to quickly investigate and remediate so that they don’t become a major breach.

When it comes to predicting the future, how do you anticipate the moves of our world’s underground cyber criminals, hackers and rogue nations? While they don’t all agree, Exabeam’s top security sleuths share their predictions for 2019.

How to build an incident response plan around the SANS incident response process, examples to get you started, and a peak at incident response automation.

Insider threats are a growing concern for all organizations—one that is increasingly difficult to manage using conventional security technologies. Unlike other types of security threats, insider threats are complicated by the fact that only some are caused by intentional malicious insiders. When you consider all the risks, you can understand why insider threats require a comprehensive cybersecurity strategy.

In part one of this ransomware blog series, we examined how ransomware has evolved over the years. From[…]

Many enterprises are joining the rush to set up data lakes for handling petabytes of security data and logs. But many executives and architects assume that once they finish setting up log sources, applying parsers, and arming their SOC analysts with reports, their data lake will deliver the goods.

Now more than ever, organizations must utilize cloud-based security solutions to ensure their customer information and data are secure, as well as having expertise on the security and regulatory issues involved. Now let’s examine the specific steps you can take to ensure you’re keeping your cloud deployments secure.