A Journey in Organizational Cyber Resilience Part 2: Business Continuity
Keeping a business up and running during a problem takes the right people for the job. When it comes to cyber resilience through tough times, many things come down to the human factor. We focused on that in the first piece in this series, but it also makes a big difference to the second topic:…
What Is Security Intelligence? Here’s What Your Business Leaders Want to Know
Every so often, a new phrase or buzzword does the rounds for a bit before it goes off to join the other forgotten buzzwords in the sky, only to be recalled at corporate parties for a laugh, or to gauge how long someone has been in the trade. However, a select few remain firmly embedded…
Move Over, Ransomware: Why Cybercriminals Are Shifting Their Focus to Cryptojacking
According to the 2018 IBM X-Force Threat Intelligence Index, the frequency and sophistication of malicious cryptocurrency mining, also called “cryptojacking,” has increased drastically in the past year. This mining is changing malicious actors’ priorities: While they had previously targeted companies’ data and financial assets, they are now seeking to extract value from organizations’ computing resources….
How Cloud Security Can Drive Innovation and Transform Your Business
I joined a number of security professionals at the IBM Security Summit in London last month during the “Innovating With Cloud Security” breakout session, which was hosted by Martin Borrett, chief technology officer (CTO) of IBM Security Europe. The audience took part in discussions about typical cloud transformation journeys, security for and from the cloud,…
Rinse, Wash, Repeat: Defining, Planning and Continuously Improving Your SIEM Strategy
Designing your security information and event management (SIEM) strategy can be very challenging, particularly in complex environments that depend on many systems and stakeholders. For security leaders, it may seem as though this work is never complete. Indeed, maintaining an effective SIEM program requires a cyclical approach of reviewing business objectives, planning detection and response…
Using Phishing Intelligence to Reel In Advanced Threats and Protect Corporate Networks
Gone are the days of the Nigerian prince promising fortune to unsuspecting email recipients. Attackers have stepped up their phishing game and evolved their tactics to entice employees to click links or open attachments, preying on the opportunity to spread persistent malware or compromise credentials. These threat actors relentlessly target employees — both at work…
The Role of the Security Intelligence Analyst and the Three Main Elements of Cybersecurity
In the modern security operations center (SOC) model, the security intelligence analyst (SIA) represents a core role. In my opinion, it is one of the most important roles in the field of the cybersecurity. Customers often ask me what the role of the SIA actually is. The SIA is responsible for protecting the organization against…
Is Your Security Intelligence Solution Stuck in the Past?
A few years back, I invested in a video gaming platform that was a little different. To play it, you had to get off the couch, fling your arms around, jump, balance and more. I continued to buy into new games and gadgets that even allowed me to be a rock star. But then it…