Avoiding the Breach: Lessons for CISOs From the CrowdStrike Case
The 2024 CrowdStrike incident caused blue screens of death (BSOD) on Microsoft Windows devices worldwide, severely disrupting operations across essential industry sectors.
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
A brief introduction to Industrial Control Systems and Security
You may not know it, but much of your daily life depends on Industrial Control Systems(ICSs). From the power you're using right now to the water you drink, it all depends on Programmable Logic Controllers (PLCs) and other ICS tech to be delivered. In fact, nearly any time something in the physical world needs to be automated, there will be an ICS involved.
The Optimal Cyber Risk Management Tools to Streamline DORA Compliance
Over the past few decades, money has steadily transformed from a material entity to a digital one. Worldwide, people rely on the cyber realm to pay their bills, shop for food, and perform many other everyday activities. Corporations, too, particularly following the 2020 pandemic, are largely dependent on cloud-based operations, utilizing various management platforms and storing massive amounts of data online.
Up Level Your Amazon Security Lake with Attack Surface Intelligence
As global network infrastructure expands to include devices without traditional compute power, every organization’s attack surface becomes increasingly complex. Parallel to the increased complexity in the threat landscape is the increased scale and complexity of the signals and data necessary to produce meaningful cybersecurity insights. At its core, cybersecurity is a big data problem, requiring centralization of disparate data sources in uniform structure to enable continuous analytics.
SecurityScorecard and AWS Help Make Secure Software Procurement Faster and Easier
Organizations increasingly rely on third parties for business operations, and as a result are working with more digital suppliers than ever. According to Gartner, 60% of organizations work with more than 1,000 third parties and this number will grow. High-profile vulnerabilities such as Log4Shell are a constant reminder of the risks posed by a breakdown in the software supply chain. This has spurred enterprises to increase the rigor of software risk assessments to ensure supply chain security.
NCIIPC Explained: Safeguarding India's Critical Infrastructure
Safeguarding critical infrastructure is crucial for national security and economic stability in the digital age. The National Critical Information Infrastructure Protection Centre (NCIIPC) plays a key role in protecting India's vital assets and critical infrastructure. Tasked with the monumental duty of protecting the nation's most vital assets—such as power grids and financial systems—the NCIIPC stands as a stronghold against the constantly evolving landscape of cyber threats.
Triaging Non-CVE Vulnerabilities with Nucleus
Join Scott Kuffer, Co-Founder of Nucleus Security, in this webinar, focused on effective vulnerability management. Dive deep into the complexities of managing non-CVE based vulnerabilities. Learn about centralized vs. distributed remediation strategies and gain practical tips on triaging, prioritizing, and responding to vulnerabilities. This webinar emphasizes the importance of a unified approach to vulnerability management, leveraging threat modeling, and re-evaluating risk assessment methodologies to protect your business.
CISO Strategies Post-CrowdStrike to Safeguard the Balance Sheet
The ubiquitous CrowdStrike incident resulted in a major diversion of resources, with some hard-hit organizations assigning almost all of their IT and security personnel to damage control. As a CISO of an impacted organization, you will likely be required to answer for a lack of resilience to this type of event. To support your decision-making as you reevaluate your resilience budgets, this post outlines four resilience strategies based on key learnings from the CrowdStrike event.
How CISOs Should Handle Future CrowdStrike-type Breaches
SolarWinds, MOVEit, Knight Capital, and now CrowdStrike. The vendor ecosystem will remain a major playing field for operational disruptions. But are you ready for the next inevitable event? As a CISO, your response to such a question from the board shouldn't be anything less than a resounding "Yes!" Here are five plans of action to help your organization survive the next major IT quake, whether it's due to another rusty security update or a third-party breach.
"What's our number?": Responding To Your Exposure to CrowdStrike Outage Event
Is cyber risk insurable? That question is often at the heart of the debate about the future of the cyber insurance industry. One of the primary drivers of that question is the insurance industry’s challenges when managing systemic cyber risk since many believe that systemic cyber risk has the potential to bankrupt the industry. While there hasn’t been a catastrophic cyber incident that has proven the skeptics right, there have been several close calls.