#RiskMitigation

War or Cost of Doing Business? Cyber Insurers Hashing Out Exclusions

by

January 11, 2024 at 09:43AM Merck settled a legal battle with insurance companies over $1.4 billion in claimed damages caused by the NotPetya cyberattack, challenging hostile/warlike act exclusion clauses. The resolution is significant for businesses amid increasing cyberattacks. Although insurance firms clarify act-of-war clauses, companies must carefully review coverage to mitigate risks from complex cyberthreats. … Read more

It’s Time to Close the Curtain on Security Theater

by

January 9, 2024 at 10:05AM The text discusses the concept of security theater in cybersecurity, criticizing the superficial measures and controls implemented by organizations. It highlights the detrimental effects of security theater and provides recommendations to shift focus towards proactive risk mitigation, including conducting risk assessments, prioritizing security enhancements, and implementing cyberattack prevention strategies. Key … Read more

Helping companies defend what attackers want most – their data

by

November 28, 2023 at 09:22AM Athena AI, integrated into the Varonis Data Security Platform, provides generative AI capabilities to enhance data protection. It enables security teams to conduct investigations, remediate threats, and strengthen their security posture effectively. With features like an AI SOC analyst and natural language search, customers can quickly respond to incidents, identify … Read more

Humans Are Notoriously Bad at Assessing Risk

by

November 22, 2023 at 07:12AM Risk assessment can be subjective and biased due to human emotions, which can lead to an inaccurate representation of reality and a weaker security posture. To remove subjectivity, security professionals should follow seven steps: identify critical resources and data, understand potential financial impact, enumerate relevant threats, map risks to resources, … Read more

The 7 Deadly Sins of Security Awareness Training

by

November 21, 2023 at 06:47PM Avoid these tactics when educating employees about risk. As an executive assistant, my role is to diligently and accurately generate clear takeaways from meeting notes. Based on the provided meeting notes, it is advised to avoid using these tactics when trying to educate employees about risk. It is recommended to … Read more

A Ukrainian Company Shares Lessons in Wartime Resilience

by

November 1, 2023 at 07:27PM MacPaw, a software company in Ukraine, has successfully maintained operations during the ongoing conflict with Russia. The company implemented several measures to ensure resilience, including creating an emergency team, prioritizing employee safety and customer service, fortifying headquarters, securing power and connectivity options, building hardware reserves, establishing redundant communication channels, staying … Read more

One Ukraine Company Shares Lessons in Prepping for Wartime Cyber Resilience

by

November 1, 2023 at 03:38PM The cybersecurity community is focusing on preparing for uncertainty amid the conflict in Israel. Vira Tkachenko, CTO of MacPaw, shares her experiences and offers insights into wartime cyber resilience. MacPaw created an emergency team, prioritized physical safety and security, hardened headquarters, bolstered power and connectivity options, built up hardware reserves, … Read more

Key Learnings from “Big Game” Ransomware Campaigns

by

October 26, 2023 at 12:21PM A recent report on crypto crime found that ransomware attacks are increasing in prevalence, targeting major industries such as casinos, manufacturing, retail, and technology. Organizations must take specific steps to address these attacks, including understanding the threat, identifying internal signs of attack, and strengthening infrastructure. Utilizing threat intelligence and effective … Read more