Information Security Blog

Are IoT devices like security cameras, printers, and thermostats creating cybersecurity risks? If your organization is like most, many of these IoT systems aren’t even on your radar, often because there isn’t the necessary monitoring solution for such internet connected devices.

The cybersecurity challenge of securing IoT is complex and extensive due to the fact that IoT devices are deployed over a wide attack surface and contain numerous threat vectors such as authentication and authorization, software, device threats, network threats, and OS level vulnerabilities.

Stopping Malware from Compromised Insiders: Many of the most devastating data breaches are caused by attackers using stolen credentials to gain access to organizations’ network assets.

Exabeam Threat Intelligence Services (TIS) with SIEM: While SIEMs are central for SOC cybersecurity, SIEMs are often not enough. With the growing sophistication of organized, modern cyber attackers and their highly-targeted techniques, organizations can be left with serious vulnerabilities using SIEM alone.

Every cybersecurity leader senses the urgent need to prepare for a cyberattack. If you haven’t already, most likely you’ll want to deploy an effective incident response policy soon, before an attack results in a breach or other serious consequences. Creating an effective incident response policy helps ensure a timely, effective, and orderly response to a security event.

Writing a Mock Breach Notification Letter Before a Security Disaster: Working backward from a breach that hasn’t occurred yet will illuminate the weaknesses in your disaster plan, so you can take action now—rather than when you’re in a breach recovery.

Russian meddling in the 2016 US elections and the Hillary Clinton campaign email breach came as a surprise to many (with investigations underway as to who knew what and who was involved). Two years later, alarms are again sounding about new threats from Russian bad actors targeting US elections. How can this be stopped?

2017 Gartner Magic Quadrant SIEM: What is evident to me from the 2017 Gartner Magic Quadrant for Security Information and Event Management (SIEM) is after a four-year drought from 2013 through 2016, innovation has finally returned to the SIEM market.

Unlike a SOC, the comprehensive response provided by a CSIRT reaches beyond the technical actions taken to remediate an incident. It includes recommending changes to systems or organizational practices to protect against future incidents. Plus, it includes important nontechnical responsibilities as well.

Frequently cyber threats and incidents go undetected and unreported—sometimes for years. What is known is that it’s likely your organization faces possible exposure to insider threats—and it’s probably larger than what you’ve anticipated.

Until recently, most security operations centers (SOC) were dependent on their analysts’ skill level and relied on manual steps to detect the cyber threats to their organization.

Ransomware attacks often target victims with high-value, unstructured data. In this case it was the PGA Championship and Ryder Cup files consisting of marketing materials such as PGA banners, logos, and signage, which are the type of files that organizations frequently don’t back up properly.