Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Once an attacker enters your network, one of their first actions will be to try and hide their tracks by blending in, using methods of deception such as mimicking normal user activities. A cyber defender can also use methods of deception to detect and slow the advance of these adversaries. This is known as an active defense. This article will discuss some methods of using Active Defences, sometimes referred to as ’deceptions,’ as one part of a comprehensive cyber defense strategy.

Certifications are a great way for customers to get confidence that the company they’re trusting with their cyber security is up to the job. So, when the Cyber Advisor scheme was launched, we thought it was a great opportunity to invest in our staff. In this Q&A blog we’ll look at what a Cyber Advisor is, what it means for your business, and what it means to our staff – as we talk to Bulletproof’s first Cyber Advisor, Jemma Aldridge.

The Digital Operational Resilience Act (DORA) is set to reshape the landscape of financial services in the European Union. But its impact extends beyond EU borders, particularly affecting UK-based Information and Communication Technology (ICT) service providers. Let’s explore how DORA might influence these providers and what steps they should consider taking.

With the rise in cyberattacks, robust measures are essential to reduce attack surfaces and respond swiftly to threats. Compliance with regulations like the Digital Operational Resilience Act (DORA) is crucial to prevent severe penalties and ensure business continuity. This blog post looks at DORA and introduces our white paper about this important new European regulation.

You no longer need to pull off a bank heist to pocket millions of dollars. Taking advantage of an email breach is easier for attackers and allows them to use your infrastructure’s weaknesses to demand ransom, steal personal information, or perform other fraudulent activities.

This blog looks at the intersection of psychology and email attacks to help guard your business against elaborate deception and adopt actionable strategies to defend your people and assets from manipulative schemes. After reading it, you’ll be better prepared to thwart scams and bolster your organization’s resilience against email-based threats.

Modern organizations have sprawling attacks surfaces of known and unknown assets that grow each day. This means understanding and managing your external attack surface is more crucial than ever. But with the vast number of digital assets that organizations need to monitor, accurately identifying every component of your attack surface can seem overwhelming – which is why many turn to External Attack Surface Management (EASM).

Perimeter solutions such as Secure Email Gateways (SEGs) have long been a cornerstone of email security, historically serving as the primary line of defense against malicious emails entering an organization. Utilizing legacy technology such as signature and reputation-based detection, SEGs have provided pre-delivery intervention by quarantining malicious attacks before they reach the end recipient. Why, then, are 91% of cybersecurity leaders frustrated with their SEGs, and 87% considering a replacement?

Many people don’t realize that scams are complicated events orchestrated by scammers, which often include myriad persuasive techniques and take advantage of our individual characteristics and circumstances. While each scam varies in complexity, they typically progress through three broad stages, each influenced by factors that either heighten or diminish our vulnerability to becoming victims.

We recently presented the webcast "Find Your Best Fit, Solving the Cybersecurity Framework Puzzle." Tyler Reguly, who is a senior manager of research and development at Fortra and a former professor at his alma mater, Fanshawe College, served as the host. Tyler offered his wisdom about integrating CIS Controls into a comprehensive cybersecurity plan for your organization.