Is an MDR Solution or an MSSP Partnership Better for Your Organization?
In this blog post, we want to analyze the differences between a Managed Detection and Response (MDR) solution and a Managed Security Services Provider (MSSP) partnership and how organizations can differentiate between the two and choose which one or both
The Perspective of a Cyber Security Leader – An Interview with Bill Boni
Who is Bill Boni? Retired former Senior Vice President Information Security at T-Mobile USA and Corporate Security Officer at Motorola Bill Boni’s Biography Bill Boni is one of the leading information risk management practitioners based in the USA, with broad experience in all
Developing a Highly Skilled IT Security Workforce
Bill Boni is one of the leading information risk management practitioners based in the USA, with broad experience in all aspects of creating, sustaining, and transforming security protection for organizations. A visionary information security leader with outstanding written and verbal
Lessons Learned in Defending Against the Log4j Vulnerability – A Case Study
Authors of this Blog Post include SecureOps Employees - Michal Kavan, SOC Director - Andrew Morrison, SOC Manager and Alejandro Perez, Sr. SOC Analyst In December, several Log4j vulnerabilities also known as Log4shell or LogJam in many of the IT security
The Log4j Vulnerability is Likely to be a Significant Threat for Years
Until last month, Log4j was simply a popular Java logging framework; one of the numerous components that run in the background of many modern web applications. But since the zero-day vulnerability (CVE-2021-44228) was published, Log4j has made a huge impact
The 5 Elements to Effectively Managing HIPAA Compliance
Managing Patient Data (PHI) Sprawl In 1996, the Health Insurance Portability and Accountability Act (HIPAA) created an electronic data interchange that health-care providers and other related organizations are required to use for electronic transactions. The HIPAA Privacy regulations require health care
Phishing and Wire Transfer Scams are Victimizing Corporate Executives
“CEO Fraud” or “CEO Fraud Phishing” Doubled Over the Past Year CEO Fraud is a scam in which cyber criminals either spoof or literally take over company email accounts to impersonate executives in order to try and trick an employee in
How to Improve Your SOCs Effectiveness – Part 1
How to Improve Security Operation Center (SOC) Effectiveness – Part 1 So many articles and blog posts have been written on SOCs, how they are structured, what their mission and purpose is, and of course how to improve their effectiveness. I
Why and How DNS Hijacking is Increasing
The IDC Global DNS Threat Report released last summer revealed that 82% of organizations were victims of DNS attacks with each suffering an average of 9 DNS attacks which was an increase of 34%. In addition, over 63% of the
Are Organizations Ready for The California Consumer Privacy Act (CCPA)?
Why Organizations Aren’t Ready for the California Consumer Privacy Act (CCPA) The California Consumer Privacy Act (CCPA) went into effect on January 1st, and many organizations haven’t started preparing to comply with the legislation. In fact, the state of California itself