Breach Management articles

What if we all adopted a cybersecurity culture anchored in value and quality, instead of a race-to-the-bottom predicated on cheapness and quantity?

If HTTPS provides true end-to-end encryption, how do web firewalls crack into your network traffic? And what stops cybercriminals doing the same thing?

Vulnerability management is an essential element of every cybersecurity plan. It involves the ongoing monitoring of a company’s digital footprint to find and fix any vulnerabilities in devices, systems, and applications that bad actors could exploit. It decreases a company’s risk exposure and is a proactive way of ensuring threat actors can’t gain access to a company’s private data. It’s also a huge undertaking. Many applications, including those that are cloud-based, that companies use need to be checked and patched […]

Employees are a major attack vector for threat actors targeting organizations. Recent research by Stanford University confirms this, revealing that 88% of all data breaches are caused by human error. These human errors might be as simple as sending an email to an incorrect address or leaving a database publicly viewable; but they can also be more involved, as when employees become victims of targeted phishing campaigns. Let’s detail how employees might be increasing risk for organizations and what organizations […]

Just how much security does a VPN give you?

What could go wrong with the security you think you’re enjoying, and what potential problems do you need to be aware of?

Do you back yourself to spot the scams that drop into your email inbox?

Could you teach your friends, family and colleagues to do the same?

We take a look at how cybercriminals go about scamming both purchasers and suppliers, and what you can do to protect yourself and your business.

There are plenty of security “precautions” out there that simply don’t provide the protection they promise.

Credential stuffing is all over the news at the moment. But who should bear the cost?

Effectively building, implementing, and operationalizing a cybersecurity strategy is no small feat, and often requires significant employee power and resources — resources that many businesses don’t have. The skills needed to develop and implement a security strategy are incredibly technical, and the security labor shortage has meant most talent is scooped up by large enterprises. That leaves many businesses with few options, including outsourcing security to a third party, delegating security tasks to IT, or skipping cybersecurity efforts altogether. While […]

So many breaches! Such dramatic graphs! So much malware! Such huge numbers!

As the tech landscape becomes increasingly vast yet more interconnected and bad actors utilize more advanced techniques, the process of building a security strategy and implementing that strategy is becoming ever more complex. Although new point solutions and service offerings are emerging to address some of those complexities, it doesn’t do much to help businesses that don’t have the expertise, time, or budget to operationalize a whole security tech stack. This speaks to the larger problem of operationalizing cybersecurity. As […]

Malware writeups used to tell you everything there was to know about each new threat. But life’s not like that today, and it’s not because threat researchers aren’t as smart or as diligent as they used to be!

The year 2023 hasn’t been kind in terms of data breaches. By October, the number of data compromises was already up by 17% (2,116 compromises) compared to the entirety of 2022. An Apple-commissioned study carried out by MIT professor Dr. Stuart Madnick labels the current state of data breach prevalence as an “epidemic.”  The Identity Theft Resource Center (ITRC) attributes the 2023 increase to the combined increase of zero-day vulnerabilities, ransomware attacks, and supply chain attacks. Each of these elements […]