Prevention should be the holy grail of any cybersecurity strategy, but we know that 100% prevention is not realistic. So, what exactly happens when a serious threat is detected? Using a recent incident as an example, it is enlightening to follow the chain of events that starts when human SOC analysts decide that CSIRT action … Read more
In our interconnected digital age, robust cybersecurity is as much about understanding what you’re defending as it is about the intricacies of the defenses themselves. Think of digital assets as a vast castle. Once the walls were vital, but the true value lies inside with the treasures: data, applications, assets, and services. John Kindervag’s evolution … Read more
In the digital age, where the fabric of our interconnected world is woven with threads of data and technology, the imperative for cyber resilience has never been more urgent. Today’s enterprise architectures stand at a crossroads, facing a storm of targeted cyberattacks that threaten not only their systems, but also the very essence of their … Read more
Software has vulnerabilities that provide hackers with the opportunity to steal data, install ransomware or sabotage your business. Criminal organizations and intelligence services are willing to pay a lot of money for vulnerabilities that (almost) no one knows about. Big bucks (or rather, cryptos) are paid for these zero-days on the so-called dark web, because they offer you an open backdoor just for you
In our first Log4j lessons blog, we focused on the necessity of becoming very, very good at patching, and making it a well-documented and automated routine in your IT-environment. This might sound obvious, but many organizations hit serious hurdles in their initial Log4j handling because their patch machine did not start cold. Our main takeaway … Read more
On February 24, we sent out a security update on the cybersecurity implications of Russia’s invasion of Ukraine. In this new bulletin, we give you a status update on the most recent developments.