July 25, 2024 at 02:44PM Many organizations are facing global IT issues due to a defect in CrowdStrike’s Falcon sensor content update, impacting operations across sectors. This event highlights the importance of improving cyberattack response capabilities. Lessons include evaluating detection speed, prioritizing recovery, executing business continuity plans effectively, and addressing supply chain risks to enhance … Read more
May 6, 2024 at 07:57PM Supply chain breaches rose steeply in 2023, with 15% involving third parties, up from 9% in 2022. Verizon’s DBIR considers not only vendor compromises but also vulnerabilities in third-party software. Exploited vulnerabilities, primarily in ransomware attacks, were the most common issue, prompting the suggestion to assess vendor choices and prioritize … Read more
March 6, 2024 at 08:03AM Southern Company undertook a project to create a software bill of materials (SBOM) for its Mississippi substation, involving inventorying hardware, software, and firmware, and gathering supply-chain information from 17 vendors. The process included challenges such as limited vendor cooperation and outdated SBOMs upon receipt. The project highlighted the importance of … Read more
January 26, 2024 at 10:15AM Cybersecurity involves securing business infrastructure and endpoints from unauthorized access, with various specialized teams leading different aspects. The discipline of fraud prevention has further fragmented the landscape. Combining these disciplines under one umbrella is beneficial, offering a comprehensive cybersecurity posture, efficient resource utilization, reduced capital burn, and a unified response … Read more
December 14, 2023 at 08:48AM The security operations center serves as the first line of defense against active attacks, but is often underfunded and understaffed. Dark Reading’s special report “Key Elements Enterprises Needs to Include in Modern SecOps” details the challenges facing modern enterprise security operations centers and suggests strategies for investing in tools, automation, … Read more