Cyber Incident Response

whitePaper | December 22, 2022

Nearly every part of the educational sector has fallen victim to a cyberattack, from elementary schools to universities. Securing education is no longer a “nice to have” but a “must do” and is a growing concern among the global educational community. Creating and maintaining effective information security and cybersecurity operations in education comes down to people, processes, and tools. It’s crucial for IT and security leaders across the entire spectrum of educational institutions to find the right balance between the three. While there are success stories of achieving that balance, there’s always more to do to identify, understand, and mitigate cybersecurity risks to these organizations. Establishing and improving existing cybersecurity operations must become a priority.

whitePaper | October 27, 2022

As organizations enhance the security of their infrastructure and move towards security methodologies and strategies, such as, Secure Access Service Edge (SASE), defense in depth, assume breach, and zero trust to provide tighter access controls, the print infrastructure must also adapt. It must become a strategic initiative to secure the print infrastructure and consider both internal and external threats. Data has become a cornerstone for innovation and has become a company's most valuable asset. Some of the challenges that companies face are inadequate security practices and too much data to manage. It is important to remember that security is not a solo sport, and as a community, we are stronger together.

whitePaper | September 27, 2022

Businesses once doubted the long-term benefits of moving their traditional, on-premises workloads to the cloud. But those doubts didn’t last long. The ROI of cloud migration was realized quickly and decisively. Businesses eagerly shifted their workloads to the cloud and realized the financial benefits of doing so. However, in the rush to the cloud, clarity on security — and who is responsible for it — is often lost.

whitePaper | November 9, 2022

The CISA Stakeholder-Specific Vulnerability Categorization (SSVC) is a customized decision tree model that assists in prioritizing vulnerability response for the United States government (USG), state, local, tribal, and territorial (SLTT) governments; and critical infrastructure (CI) entities. This document serves as a guide for evaluating vulnerabilities using the CISA SSVC decision tree. The goal of SSVC is to assist in prioritizing the remediation of a vulnerability basedon the impact exploitation would have to the particular organization(s).

whitePaper | December 12, 2022

In the evolution of Internet-based technologies, Web 2.0 introduced popular decentralized services that accelerated interactivity between websites and users. Looking to capitalize on this innovation, businesses rushed to launch applications to the market. However, both the Web 2.0 architecture and dependent businesses failed to incorporate key security principles into the design and implementation of these services, resulting in critical vulnerabilities.

whitePaper | April 20, 2022

Sophos' annual study of the real-world ransomware experiences of IT professionals working at the frontline has revealed an ever more challenging attack environment together with the growing financial and operational burden ransomware places on its victims. It also shines new light on the relationship between ransomware and cyber insurance, and the role insurance is playing in driving changes to cyber defenses.