Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The potential benefits of workflow automation for security teams are huge - from improved incident readiness to faster time to value, improved retention, and reduced errors, there lots of compelling reasons to adopt this technology. But there are also some popular misconceptions holding teams back from fully embracing workflow automation. In this blog post, I'll debunk some of the most common myths about workflow automation and explain why it's worth investing in for any security team.

As I write this, billions of users are looking at “the blue screen of death.” Flights are grounded around the world, 9-1-1 service is offline in the entire state of Alaska, hospitals can’t check in patients, retailers cannot make sales because their POS systems are down, Newark airport has reverted to paper tickets for check-in, and countless other organizations are at a standstill. This is the top story on every major news site I’ve checked. What could cause this carnage?

In the early hours of July 19th, 2024, CrowdStrike endpoints on Windows machines worldwide received a faulty content update, causing what is shaping up to be the one of the largest global IT outages to date. All over the world reports of Windows workstations and servers stuck in a boot loop with a BSOD were pouring in, impacting airlines, airports, banks, hospitals and many other critical infrastructures such as emergency services call centers, and the list goes on.

Joint customers utilizing Rubrik for immutable backup are recommended to utilize Rubrik in-place recoveries for impacted Windows VMware Virtual Machines (VMs), standard VM restores for Azure VMs, AWS EC2 instances, and live mounts for Hyper-V and AHV VMs. For VMware VMs this significantly reduces the recovery time by only recovering the changed blocks required to revert the VM to a snapshot before the 04:09 UTC CrowdStrike host update.

As most in the industry are aware, a defective content update to CrowdStrike’s Falcon Sensor for Windows led to a global cascade of system outages affecting critical industry sectors such as transportation, banking, healthcare, and public safety. Many enterprises and government agencies around the world are still actively managing their response to this incident.

Phishing is used to completely compromise the victim’s environment after other repeated methods failed.

New data puts the spotlight on the frequency and impact of modern ransomware attacks, highlighting the overconfidence organizations are showing in their ability to defend and respond to attacks. If you’re like one of the organizations surveyed in Halcyon’s latest Ransomware CISO Survey report, the findings were quite eye opening.

Cybersecurity regulations often include audits that assess and strengthen an organization’s defenses against increasing cyber threats. In the United States, various cybersecurity regulations, including HIPAA, SOX, PCI DSS, and more, require audits. Each audit ensures your organization meets the required standards outlined in the regulation while also strengthening its overall cybersecurity framework.