I recently spoke to a Chief Information Security Officer (CISO) who explained that he disliked marketing and saw it as a risk and cost center to his business. He seemed to believe that everything his company’s marketing team did on its website was a risk and even called some standard marketing practices “reckless.” I get it. To those who are unfamiliar with marketing, a lot of what marketers do can seem strange and intimidating.
My name is Mike Behrmann. I am the Director of Digital Forensics and Incident Response at Antigen Security. We are a DFIR-led consulting firm that specializes in incident response, recovery engineering, managed detection & response (MDR) and training. My job there is to oversee the DFIR practice itself: the people, the processes, the tooling, the cases and the customers. I'm an incident commander one minute, diving in like an analyst the next and even doing some business development.
As CVE-2021-44228, a.k.a "Log4Shell" or Apache Log4j Remote Code Execution vulnerability continues to send shockwaves across the world of software, many security vendors and practitioners are rushing to provide recommendations on dealing with the crisis. If you need immediate help mitigating the impact of Log4shell, we're here for that. But the goal of this post is to look forward. This isn't the first and won't be the last high-impact vulnerability to be uncovered. So it's worth preparing your organization for the next one, so that you can respond faster, mitigate and remediate sooner - and have fewer weekends like the last one.
Cybersecurity professionals are facing an unprecedented amount of scrutiny. Not only are they responsible for securing and protecting their organizations, but they also need to prove that their ideas and strategies for doing so have a meaningful impact. This can be hard when the threat landscape is constantly changing and new tactics to fight cyberattacks shift regularly.
IT environments have always been considered the forefront when it comes to cybersecurity, and OT environments have been the forefront when it comes to physical security. As more and more cyber threats are taking place, and with an increasing number recently focused on OT environments, everyone seems to be concerned with how to upscale and secure their OT estates in terms of cybersecurity.
Due to urbanization, which involves a complex set of economic, demographic, social, cultural, technological, and environmental processes, governments are developing smart cities to address some of the challenges unique to urban areas. This development occurs through the transmission of data using wireless technology and the cloud.
The Splunk SURGe team loves to automate and simplify mundane tasks. Through rapid response blogs, we provide context and analysis on late breaking security events that affect everyone, not just Splunk customers. We are firm believers that through shared knowledge and experience we can help the masses better understand the threat landscape and how they can improve their security posture.
A selection of this week’s more interesting vulnerability disclosures and cyber security news. For a daily selection see our twitter feed at #ionCube24. We’ve been here before right? Many times? I know many countries have or are cracking down on IoT security but would it also cover this market?
