CyberSecurity threats
A Cyber Security Incident Response Team is the emergency room of cybersecurity. You don’t want to need one, but once something bad happens, the ER doctors might just save your life. You don’t want to need critical incident response, but once a cyber incident occurs, you’ll be glad you have a team ready.
Prevention should be the holy grail of any cybersecurity strategy, but we know that 100% prevention is not realistic. So, what exactly happens when a serious threat is detected? Using a recent incident as an example, it is enlightening to follow the chain of events that starts when human SOC analysts decide that CSIRT action … Read more
Picture this: you are the CEO of a company that’s dealing with a ransomware attack and now you’re being told that, on top of dealing with your company being shut down for a number of days, you may also be facing fines. Not just your company, but you yourself as well, as you may be … Read more
In risk management, the formula Risk = Likelihood × Impact is foundational. Here’s how it works: Likelihood: The probability of a specific event occurring. Impact: The severity of consequences if the risk event materializes. This can be gauged in terms of financial loss, people affected, asset damage, or delays. Multiplying these factors gives a numerical … Read more
In the digital age, where the fabric of our interconnected world is woven with threads of data and technology, the imperative for cyber resilience has never been more urgent.
Cybersecurity remains a top priority of businesses, but the harsh reality of cybersecurity is that the investment can be hard to sell. The costs are easy to specify, the return is less easy to convey. As a CISO, or a head of IT: how do you appeal to the board to make sure they understand … Read more
Zero Trust
The sudden and forced rise in working from home has created a lot of work for a large number of companies. It may have already slipped our minds, but suddenly, your entire company needed to be able to work remotely. This may have led to some problems. The thing is, many companies don’t stop to … Read more
The NSTAC and compliance are the big topics in part II of this interview with John Kindervag, done by VentureBeat. In part I of this interview, he touched upon topics such as ‘how do the organizations overcome barriers to adopting and implementing Zero Trust’ and dives deeper into how Zero Trust is a Strategy and … Read more
John Kindervag, founder of Zero Trust, was interviewed by VentureBeat to share his insights into how the adoption of Zero Trust is progressing across organizations and governments globally and what he sees as essential to its growth. He touches topics such as ‘how do the organizations overcome barriers to adopting and implementing Zero Trust’ and … Read more
The world of cybersecurity continues to have a battlefield littered with sucking chest wounds that go untreated. We are too passive. Too afraid of action. Too intimidated to do the right thing for our organization. There are a ton of excuses for this…
The increasing popularity of Zero Trust means that more and more is written about it. Unfortunately, the many online publications show that there are quite a few misgivings – and that not everyone understands what exactly is the purpose of Zero Trust.
Business & Technology
In the digital age, data breaches have become all too common, causing significant disruptions and financial losses for companies. One of the most notable data breaches this year was the MGM Resorts attack, which not only caused serious disruptions to MGM’s business, but also had far-reaching implications for their supply chain. The MGM Resorts attack … Read more
Plano (US) – ON2IT, a leading provider of managed cybersecurity services, announces the addition of the CISA Zero Trust Maturity Model into its Zero Trust as a Service platform, AUXOâ„¢. Organizations can use ON2IT’s Zero Trust as a Service platform to strengthen cyber defenses and easily embrace Zero Trust. With cyber threat growth in volume … Read more
Why did Log4j have such an impact? But, although Log4j and follow-up attack vectors are still a real threat for many organizations, it’s certainly not too early to draw lessons learned from this episode. What made Log4j different from other ‘classic’ 2021 vulnerabilities such as Citrix, Kaseya, and Hafnium (Exchange) is the fact that it … Read more
Have you ever run into this scenario: there is a yearly audit on the security posture of the organization and this requires certain measures to be in place. However, everyone within the security department knows that that one specific measure (let’s name it checkbox alpha) is not actually in place. They also know that, somewhere in the … Read more