With data breaches making the headlines almost daily, it can feel like you’re stuck in a never-ending discussion about how secure data is in the cloud. On one hand, cloud naysayers may be preaching cloud repatriation in response to the high profile cloud compromises of the last few years. On the other hand, being too sure of your data security is a major recipe for trouble — hubris has no place in cybersecurity.

In today's always-on, ever-connected world, keeping digital systems secure and reliable is not just a goal, but a business imperative — it is now a boardroom-level conversation. With the increasing complexity of digital systems and ever-growing event volume, organizations face a constant battle to protect their systems, data, and reputation from a myriad of threats. Simultaneously, they need to optimize system performance, identify bottlenecks, and enhance the overall user experience.

Cybersecurity is complex — anticipating cybersecurity events is another challenge altogether. We could argue that most events can be described by some probabilistic phenomenon, but attempting to define that phenomenon is where things get tricky. IT environment exposure presents real risks, but mathematically (or statistically), we can only aim to describe the likelihood of a cyberattack by accounting for a finite set of factors.

Security analytics is a proactive approach to cybersecurity that uses data collection, aggregation and analysis capabilities to perform vital security functions — including detecting, analyzing and mitigating cyberthreats. Security analytics tools such as threat detection and security monitoring are deployed to identify and investigate security incidents or potential threats such as external malware, targeted attacks and malicious insiders.

A top challenge faced by security practitioners is double-edged: you’re trying to keep up with new and increasing cyberattacks — all while investigating and remediating existing threats. As we know all too well, time is of the essence when you’re investigating threats and determining the scope and root-cause of a potential breach. On top of that pressure, you’re likely short on resources and experienced personnel, limiting your ability to conduct thorough investigations.

When most people think of threat hunting, they think of uncovering unknown threats. Would you believe me if I told you that is only ONE of many (better) reasons to show value with threat hunting? The PEAK Threat Hunting Framework incorporates three distinct hunt types: hypothesis-driven, baseline and model-assisted threat hunts. Each hunt type follows a three-stage process: Prepare, Execute, and Act.

Digital transformation is happening. Organizations around the globe have realized that if they do not rapidly digitize their business operations and processes, they will be left behind — unable to compete, grow, and thrive. As such, organizations are developing and deploying new applications and services to fuel this evolution.

What is “quantum”, really? The emperor's new (quantum) clothes: cutting through the quantum hype It’s hard to move in security circles today without hearing someone pontificating about “quantum”. Maybe you keep hearing how all cryptography and security of the internet will be devastated by a quantum computer.

As we approach the end of the federal government fiscal year, it's a good time to review the legislative and policy landscape. Several updates and changes have recently arrived or are already in motion regarding cloud security and data resilience.

One of the most challenging aspects of running an effective Security Operations Center is how to account for the high volume of notable events that ultimately do not present a risk to the business. Some examples of non-risky notable events include a user forgetting their password and submitting it erroneously multiple times in a row, or a user accessing a system (for a completely valid reason) at an odd hour outside of their normal behavior.