Highly Caffeinated InfoSec

Everyone knows security is overloaded work wise – not everyone understands what that means. Cyber Threat Intelligence (CTI) is typically very technical so how can you convince the teams setting business objectives and allocating resources (for budget) of what the cybersecurity priorities should be? A modern CTI program needs to show value to the business because it will help solve some of the major problems we’re seeing in TI programs today (such as lack of resources or lack of data). Part of this includes bridging the gap between threat and risk to ensure your operational strategy aligns with the overall business objectives.

Have you joined the debate yet? Many have differing views on whether Secure Web Gateway (SWG) and DNS security are competing technologies and which they should deploy. We are diving into this subject in this webinar where we’ll explore the intersection between the two, the pros and cons of each, and what their gaps might be.

This attempt went on to ask why the sender wouldn’t pay an “invoice” attached to the email. Our IT staff later confirmed this attachment carried a ransomware payload. Like the confusing influx of different Oreo flavors in recent years (cotton candy Oreos, really?), the variety of phishing email attempts has blossomed. The “shock and awe” method described above is not a new tactic, though the use of vulgarity seems to be a relatively new variation. Fake shipping confirmations. Tax-related W-2 requests. Emails requesting password resets for social media accounts, online banking, you name it. These are just a few ways scammers use social engineering to bypass technological safeguards and compromise sensitive data.

Cyber attackers continue to be successful in gaining access to many different organizations, often by exploiting identities and weak authentication. To ensure they are protected, organizations should consider modern Adaptive Authentication techniques to increase identity security and thwart attacks.