Recently published blogs
The shortage of staff in the IT market is nothing new: companies struggle to find and maintain good IT staff, a lack of specific knowledge and skills amongst IT staff makes a large number of job ads hard to fill and it’s becoming more and more normal to regularly switch jobs.
Return on Investment (ROI) in the context of cybersecurity measures is a hot subject. Which makes sense, as technology providers don’t want to position cybersecurity as a cost with no return. But how accurate is that discussion?
Software has vulnerabilities that provide hackers with the opportunity to steal data, install ransomware or sabotage your business. Criminal organizations and intelligence services are willing to pay a lot of money for vulnerabilities that (almost) no one knows about. Big bucks (or rather, cryptos) are paid for these zero-days on the so-called dark web, because they offer you an open backdoor just for you
A partner who just collects alerts and then makes leaves fixing the problem in your hands, doesn’t actually get you anywhere. It’s comparable to a security service that sends you a quick message: we received a report of a break-in at your office: good luck with that!
Strangely, most companies, including larger organizations, have set up their cybersecurity according to the above pager duty model. Truly incomprehensible, as cold statistics tell you that ransomware, data theft or cyber sabotage are a great threat to continuity than the traditional calamities that we do adequately deal with.
The main items I’ve found to be of interest are the scale at which attacks against APIs have grown (+192% from 2022), the reiteration of the fact that attackers do not care about the OWASP Top 10 and the focus on Open Source Software (OSS). Why Open Source is great … Read more
In part II, John shares insights into both his experience working at Forrester and his contribution to the President’s National Security Telecommunications Advisory Committee (NSTAC) Draft on Zero Trust and Trusted Identity Management. He also highlights an unexpected but important consequence to Zero Trust.
John Kindervag, founder of Zero Trust, was interviewed by VentureBeat to share his insights into how the adoption of Zero Trust is progressing across organizations and governments globally and what he sees as essential to its growth.
Whether the ultimate objective is data theft, ransomware deployment, cryptocurrency mining, or another nefarious scheme, successful zero-day attacks can cost organizations millions of dollars. Fortunately, by adopting a Zero Trust architecture and implementing extended detection and response (XDR), organizations can reduce the impact of zero-day attacks and block many attacks … Read more
The world of cybersecurity continues to have a battlefield littered with sucking chest wounds that go untreated. We are too passive. Too afraid of action. Too intimidated to do the right thing for our organization. There are a ton of excuses for this…
On February 24, we sent out a security update on the cybersecurity implications of Russia’s invasion of Ukraine. In this new bulletin, we give you a status update on the most recent developments.
Biden’s Zero Trust advice, as well as the Dutch NCSC advice, has put Zero Trust on the map more than it has ever been before. But what exactly is Zero Trust? And how has it developed since John Kindervag popularized the term?
When your IT-department is confronted with a serious threat such as Log4j, you should be able to focus on problems that precede the question of whether you should and can patch or not.
On February 24, we sent out a security update on the cybersecurity implications of Russia’s invasion of Ukraine. In this new bulletin, we give you a status update on the most recent developments.
We continue our Log4j blog series with the second installment: a deep dive into the subject of vulnerability management. What does it involve? What tools to use? And how to operationalize it into a long-term strategic cybersecurity approach.
KEEP UP WITH
OUR LATEST RESEARCH
Want to stay in the loop on our latest cybersecurity research?
Sign up and get cybersecurity updates delivered straight to your inbox.
