Threat modelling is a process for identifying potential threats to an organization's network security and all the vulnerabilities that could be exploited by those threats. Most security protocols are reactive - threats are isolated and patched after they've been injected into a system. Threat modelling, on the other hand, is a proactive approach to cybersecurity, whereby potential threats are identified and anticipated.
The rising trend in data breaches continues to angle upwards, and as a result, there has never been a more precarious time in history to launch and maintain a successful business. To prevent the repetition of mistakes that result in data theft, we’ve compiled a list of the 56 biggest data breaches in history, including recent data breaches in 2021. Click on the table of contents dropdown above for a list of all the companies in this post.
Social Engineering, in the context of cybersecurity, is the use of deception to convince individuals into relinquishing their personal information online. This information is then exploited in cyberattacks. Most social engineering campaigns target employees because they could be manipulated into gateways to an organization’s sensitive data. The success of these campaigns relies on a lack of cybersecurity awareness training in the workplace.
The mastermind that orchestrated the SolarWinds attack may finally have a name. On Thursday, April 15th, the White House officially announced that the Russian Foreign Intelligence Service (SVR) - also known as APT 29, Cozy Bear, and The Dukes - was responsible for the campaign that exploited the SolarWinds Orion platform. But the attacks are not over yet. A joint advisory from the U.S.
Though digital transformation is necessary, it's accompanied by some serious risks. This is the scaling conundrum of 2021 - organizations must embrace digitization to remain relevant, however, the greater the digital transformation, the greater the associated digital risks. Thankfully, with the correct digital risk management, organizations can continue to safely embrace digital transformation while mitigating the byproduct of digital risks.
The personal information of over 500 million Facebook users has been published on a hacker forum on the dark web. To put the impact into perspective, in 2019, the population of the entire United States was 328.2 million. This data was stolen in 2019 after a vulnerability in Facebook’s ‘Add Friend” function was exploited.
Digital risks are an inevitable by-product of an expanding ecosystem, and an expanding ecosystem is essential to societies' progression into the fourth industrial revolution. This unsettling conundrum has given rise to a novel field of cybersecurity known as Digital RIsk Protection (DRP). But like all novel solutions, it can be difficult to identify the capable minority from the majority still finding their feet.
Digital risk refers to all unexpected consequences that result from digital transformation and disrupt the achievement of business objectives. When a business scales, its attack surface expands, increasing its exposure to outside threats. This makes digital risk an unavoidable by-product of digital transformation. Fortunately, digital risk protection strategies have been developed to mitigate digital risk so that organizations can continue confidently scaling their operations.
Digital risk protection (DRP) is the practice of protecting organizations from cyber threats during digital transformation. Rather than reacting to cyber threats after they're discovered, cybersecurity strategies must shift to a proactive approach to protection. This is the key to supporting ecosystem expansion while mitigating risk.
