Protecting and Responding to Ransomware Attacks – A Best Practice
Let’s start with the basics: ransomware, a malicious software, poses a significant threat to organizations by encrypting their data and demanding payment for its restoration. This type of attack disrupts business operations and presents management with a dilemma: to pay
DDoS Attacks on Critical Infrastructure: A Look at Hydro-Québec’s Website Outage
Recently, the critical infrastructure of Canada has once again become the target of cyberattacks. Pro-Russian hacking groups have launched a series of DDoS or denial of service attacks, causing operational disruptions and website outages across various government and civilian organizations.
Cybersecurity vs. Cloud Security: What is the Difference? Part 1
Regarding technological advancement, cyber and cloud security are critical elements that can either make or break a company's overall IT infrastructure. Cybersecurity analysts must understand both nuances to protect their organization from potential risks. To get us started we know
‘BlackMamba’ AI-Keylogging Malware Attack Is Here – What You Need to Know
A new strain of malware has been discovered that is powered by artificial intelligence, and it's already making headlines in the cybersecurity community. Dubbed "BlackMamba," this keylogging attack has the potential to completely evade most existing endpoint detection and response
The Indigo Bookstore Ransom Cyber Attack – Lessons Learned
The recent attack on the Indigo Bookstore left many cyber security analysts scratching their heads. How did attackers seize control of systems through ransomware, and how was a zero-day exploit used? It's not just a matter of understanding what happened
Will Your Organization Benefit from Security Services Edge (SSE)?
We want to keep things as simple as possible in this post about Security Services Edge (SSE); that is, what is SSE, what are the components, and what SSE is not. Fundamentally, SSE provides the security service elements of a
Organizations Struggle Implementing Compliance Requirements Including NIST & Zero Trust Mandates
Over the last year, we’ve seen a literally flood of government legislation and formal guidance concerning cybersecurity best practices. New mandates have been coming or to the cyber community fast and furious, and government agencies and their contractors have had
Two-Thirds of Organizations Were Hit by a Ransomware Attack Last Year
In SpyCloud’s Ransomware Defense Report, its annual survey of CISOs or Chief Information Security Officers and heads of IT security from Canada, the UK, and US they found that that security teams are starting to lose hope that they can
How CASB Solutions are Improving Cloud Security
Cloud access security brokers (CASBs) are on-premises, or cloud-based security policy enforcement points, typically placed between cloud service consumers and their cloud service providers (CSB). The solutions often combine and add enterprise security policies when cloud-based resources are accessed. Further,
How to Implement an Effective Vulnerability Management Program
We’ve written considerably on Vulnerability Management, Vulnerability Assessments and Patching because they are so critical to preventing attacks. I’ve provided links to several of the most read blog posts we have written on the subject. In this blog post, we’ll