Risk Management articles

The cybersecurity market is unfortunately loaded with acronyms that can make selecting the right security service confusing. Some of these acronyms overlap, while others have ambiguous meanings that differ depending on who’s providing them. The reason for this disparity in meanings is partly due to marketing hype—as a term becomes popular, marketing teams jump on the bandwagon, adding features to an existing service so they can say they have the same popular offering when, in reality, not much has changed. […]

Malware that’s already been identified and described in the media obviously can’t be “undetectable”, whatever the headlines say.

How can attackers hack you if they don’t know what to look for or how to find it? If you simply make everything in your network opaque, what could ever go wrong?

Companies that use managed services to close key skills gaps experience a 2.4x better “performance premium” than companies that use no managed services, according to a PwC survey of 2,000 companies. This premium includes both revenue growth and profit margin. A significant skills gap, that affects two-thirds of all companies, is the perennial cybersecurity labor shortage. According to the most recent ISC2 Cybersecurity Workforce Study, the world needs 4 million cybersecurity professionals to close this gap, even though the global […]

How hard can text-based scripts really be? The fact that we’ve had to split this article into two parts probably gives you a hint at the answer: very hard indeed.

How hard can text-based malware really be? The fact that we’ve had to split this article into two parts probably gives you a hint at the answer: very hard indeed.

Businesses looking for a cybersecurity solution might feel confused about the terms used to describe various offerings. Writers often (and mistakenly) utilize the terms MDR (managed detection and response) and MSSP (managed security service provider) interchangeably, adding to the confusion. Making matters worse, one provider’s MDR service doesn’t equal another — the same goes for MSSPs. Although MDR and MSSP are umbrella terms, the way each company provides each service differs.  Each type of provider has its benefits and downsides […]

We take a look at how cybercriminals go about scamming both purchasers and suppliers, and what you can do to protect yourself and your business.

There are plenty of security “precautions” out there that simply don’t provide the protection they promise.

Learn how cybercriminals get your server to do their dirty work for them through the use of webshells.

Credential stuffing is all over the news at the moment. But who should bear the cost?

Effectively building, implementing, and operationalizing a cybersecurity strategy is no small feat, and often requires significant employee power and resources — resources that many businesses don’t have. The skills needed to develop and implement a security strategy are incredibly technical, and the security labor shortage has meant most talent is scooped up by large enterprises. That leaves many businesses with few options, including outsourcing security to a third party, delegating security tasks to IT, or skipping cybersecurity efforts altogether. While […]

Strategies for Safe and Private Communication for Organizations Malware and phishing scams aren’t the only cybersecurity risks that emails pose. The content of the emails themselves can be its own risk factor. Email content can include a treasure trove of exploitable information for cybercriminals. Employees may send passwords or social security numbers via email or share sensitive company information with no way of retracting the email once it’s sent.  John Podesta, Hillary Clinton’s campaign manager in 2016, had his Apple […]

So many breaches! Such dramatic graphs! So much malware! Such huge numbers!