In recent years, businesses have struggle in the face of an ever-growing threat from cybercriminals. The increased sophistication and automation of malware distribution has resulted in an arms race between malware developers and system owners, who need to be on top of their game in remediating flaws as they become known. Rapid vulnerability exploitation has become increasingly common in recent years as big-time cyber criminals quickly develop malware utilizing recently identified software vulnerabilities. When combined with preexisting payloads and sophisticated malware distribution systems, t ..read more

To celebrate Cyber Awareness Month, we’ve been releasing a series of posts outlining ways Cybersecurity Performance Management (CPM)TM can help you improve your cyber performance, reduce risk, and increase cyber ROI—all through the lens of the NIST Cybersecurity Framework (CSF). Last week, we talked about the “Recover” Security Function, which you can find here. Today is the last day of CPM Awareness Month, and we have one final security function to cover: Govern. We’ve taken you from the basics of CPM through to advanced practices with a weekly series of blog posts that chronicled how CPM hel ..read more

To celebrate Cyber Awareness Month, we’re releasing a series of posts outlining ways Cybersecurity Performance Management (CPM)TM can help you improve your cyber performance, reduce risk, and increase cyber ROI—all through the lens of the NIST Cybersecurity Framework (CSF). Last week, we talked about the “Recover” Security Function, which you can find here. We’ll take you from the basics of CPM through to advanced practices with a weekly series of blog posts that chronical how CPM helps your organization align itself with each of the CSF’s Security Functions to help you take actionable steps t ..read more

To our regular readers, welcome back and thank you! To those new readers, in celebration of Cyber Awareness Month, we’re releasing a series of posts outlining ways Cybersecurity Performance Management (CPM)TM can help you improve your cyber performance, reduce risk, and increase cyber ROI—all through the lens of the NIST Cybersecurity Framework (CSF). Last week, we talked about the “Identify” Security Function, which you can find here. We’ll take you from the basics of CPM through to advanced practices with a weekly series of blogs posts that chronical how CPM helps your organization align its ..read more

To celebrate Cyber Awareness Month, we’re releasing a series of posts outlining ways Cybersecurity Performance Management (CPM)TM can help you improve your cyber performance, reduce risk, and increase cyber ROI—all through the lens of the NIST Cybersecurity Framework (CSF). Last week, we talked about the “Protect” Security Function, which you can find here. We’ll take you from the basics of CPM through to advanced practices with a weekly series of blogs posts that chronical how CPM helps your organization align itself with each of the CSF’s Security Functions to help you take actionable steps ..read more

To celebrate Cyber Awareness Month, we’re releasing a series of posts outlining ways Cybersecurity Performance Management (CPM)TM can help you improve your cyber performance, reduce risk, and increase cyber ROI—all through the lens of the NIST Cybersecurity Framework (CSF). We’ll take you from the basics of CPM through to advanced practices with a weekly series of blogs posts that chronical how CPM helps your organization align itself with each of the CSF’s Security Functions to help you take actionable steps toward securing your digital future. We’ll be posting throughout the month, so make s ..read more

In the last few days, Microsoft disclosed a data leak that exposed 38 terabytes of company data, including passwords, Teams messages, and the backups of two Microsoft AI research employees’ workstations. Thankfully, Microsoft has confirmed that no customer data was exposed. The leak was caused by an overly permissive Shared Access Signature (SAS) token that was accidentally exposed in a public GitHub repository, giving anyone with the link the keys to the kingdom. SAS tokens are a powerful tool for sharing data in Azure Storage, but they can also be dangerous if they are not properly configure ..read more

Cybersecurity is no longer an optional or peripheral aspect of business operations; it’s an absolute necessity. The increasing frequency and sophistication of cyberattacks have highlighted the critical importance of robust cybersecurity measures. Along with these increases in frequency and sophistication, cyberattacks have also become incredibly expensive, with the average data breach costing millions. To stay ahead of cyber threats, organizations must adopt a proactive approach that starts at the top. In recent years, some organizations have looked to emphasize this responsibility by making i ..read more

With the release of Verizon’s 2023 Data Breach Investigation Report (DBIR) in recent months, there’s a lot of new information out there about how the industry has shifted over the last year as industries have adjusted to the ever-changing threat landscape. Focusing extensively on data breaches and security incidents, Verizon’s DBIR goes into detail about the actors, methods, outcomes, and overall trends associated with data breaches over the past few years. Here are our key findings from the report. Threat actors and their motivations Verizon has showed that Organized Crime continues to be the ..read more

In today’s ever-evolving digital landscape, the importance of cybersecurity cannot be overstated. With the increasing complexity of threats, organizations are recognizing the need to allocate more resources to protect their valuable assets. Recent reports indicate a positive trend, as Chief Information Security Officers (CISOs) across the industry are reporting rising budgets to bolster their cybersecurity efforts. However, despite these budget increases, security outcomes are not improving significantly. A significant portion of data breaches still involve human error, privilege misuse, or so ..read more