As organizations race to embrace the cloud and empower remote workers, IT and security teams are caught between enabling business and ensuring the highest level of security. It’s a difficult balance, for sure. Attack surfaces are ever-sprawling, and looser deployment paradigms can often expose more vulnerabilities in an organization's networks and data.
Experience is vital when preparing to battle cybersecurity threats, but is it possible to gain experience and avoid the pain that usually comes with it? In a word, yes. Red vs. Blue events (RvBs) enable cybersecurity individuals and teams to practice responding to actual attacks in a safe and isolated simulated network. These events provide highly impactful learning experiences where SOC leads and team members can apply their cybersecurity skills and enhance trust and collaboration between teams while testing and refining incident response processes. With RvB training, organizations can improve their defenses without the pain of actual data loss or downtime.
Whether or not you’ve been following our blog series, by now you’ve probably heard of the Zero Trust Architecture (ZTA). And while most security practitioners have already embraced the notion of continuous user and device validation, Executive Order 14028 made ZTA a mandate for the federal government’s civilian agencies and their IT vendors.
It’s well established that cybersecurity is more than an IT concern. From supply-chain availability to consumer data privacy, cyber events can have a profound and lasting impact on business continuity and brand value. Even non-tech-savvy business leaders understand how closely organizational and personal success are linked to cybersecurity outcomes, which is why Zero Trust Architecture (ZTA) has become a hot topic for us to explore.
Less than 24 hours ago, the White House issued a warning that companies within the United States should take steps to protect themselves from potential Russian cyber attacks. As stated by the President, it would be “part of Russia’s playbook” to leverage cyber warfare in response to the unprecedented economic sanctions imposed by the United States and its allies around the world.
In May 2021, Executive Order (EO) 14028 sent shock waves through the cybersecurity community as the formerly abstract concept of Zero Trust suddenly became a mandate for federal agencies. On January 26, 2022, the Office of Management and Budget (OMB) signaled its alignment with the EO by releasing plans to implement a Zero Trust Architecture (ZTA). With nearly every industry being business-adjacent to the federal workspace, many executives find themselves Googling “Zero Trust” and its related buzzwords. These moves are a shrill warning that the familiar security practices of creating fortressed cyber perimeters are no longer sufficient.
A cold, wet winter abounds as a small, poorly equipped band of untrained patriots outmaneuvers and foils the presumed onslaught of an overwhelming, superior military force. This asymmetrical fight for freedom and independence seems hopeless and impractical to the analytic eye.
With remote work and the ever-present threat of zero-day exploits and social engineering, it’s not getting any easier for security professionals to protect their expansive digital footprints from threat actors. Even with dozens of security tools at their disposal, many CISOs and SecOps teams have doubts about their ability to defend against cyberattacks.
This year will be the biggest test to date for security organizations. With a rapidly changing threat landscape, sprawling attack surfaces with remote workforces, and exponential growth in ransomware attacks, organizations of every size are revisiting their security priorities to ensure business continuity.
Cybersecurity professionals track a ton of information. From the numerous tools they manage to the various frameworks commonly used, the amount of information and data collected helps guide their efforts towards cyber maturity. But all these inputs and responsibilities can easily be overwhelming.
On January 25th, 2022, the Qualys Research Team publicly disclosed a memory corruption vulnerability in polkit (pkexec), a component included in every major Linux distribution. The vulnerability, known as PwnKit, is now tracked as CVE-2021-4034.
Yes, 2021 was the kind of year that made us think we needed another predictions blog (check out the first one if you missed it: Nine Cybersecurity Predictions for 2022). Of course, the start of a new year is often about what’s coming next, but don’t forget to reflect on and be proud of what your organization accomplished in the last year.