Cyber Risk Analytics is Flashpoint's data breach research team that since 2013 has analyzed incidents and trends. Inga Goddijn, who heads that team, opens up on ransomware, Russia's invasion of Ukraine and why so much of successful defense still comes back to getting the basics right.
As the Russia-Ukraine war continues, cybersecurity officials say the risk of attack spillover - and perhaps the direct targeting of critical infrastructure sectors outside Ukraine - remains high. The memo for CISOs is clear: Remain prepared.
Marco Túlio Moraes of OITI, who is a CyberEdBoard executive member, confronts the metaphor of the cyberthreat as a bear in the forest and discusses how an organization must actively assess its environment, understand what its main risks are, and define a strategy to deal with them.
Security orchestration, or SOAR - Security Orchestration, Automation and Response, as it is known to some - is still an area in development, so there are misconceptions about its scope of use and effectiveness for a SOC team. Claudio Benavente discusses the top five security orchestration myths.
Since threats are becoming increasingly hard to find, it's crucial that your cybersecurity practice adopts a strategy focused on proactive preparedness and takes actions - in advance of an attack - that harden and reduce the threat surfaces that hackers exploit. Adam Mansour of ActZero offers tips.
Life comes at you fast, especially when you're a breached business such as Okta, which may have exposed customer data or otherwise put the businesses paying for your product at risk. Here's how after detecting the breach, Okta fumbled its response, and what others should learn from this experience.
Michael Lines is working with ISMG to promote awareness of the need for cyber risk management. As a part of that initiative, CyberEdBoard posts draft chapters from his upcoming book, "Heuristic Risk Management: Be Aware, Get Prepared, Defend Yourself." This chapter is "Recognize the Threats."
We look at cybersecurity largely focused on the immediate future. But educator Gary Henderson says we need to look a little further ahead. He makes the case for educating teachers about cybersecurity so they can educate their students, who can then go on to use those best practices in their careers.
In an excerpt from his book "CRISC Certified in Risk and Information Systems Control All-In-One Exam Guide," Peter Gregory discusses choosing the fifth option in risk management, which is ignoring the risk. He warns of the problems that choice can cause.
Older consumers are considered a more vulnerable population. They are the best kind of customers, and cybercriminals know that. They are known for having better credit and more funds, tend to be more trusting, and lack familiarity with new digital technologies. Fortunately, there is a way to help financial...
By baselining cyber maturity, one can create an organization's risk profile - and that is the key to being able to build a road map for prioritizing and addressing business risk. ISACA's Brian Fletcher shares insights on establishing the maturity goals for one's unique organization.
Russian troops invaded Ukraine after Russian President Vladimir Putin recognized the independence of two pro-Russia regions. But it's not clear if that military incursion alone will trigger strong sanctions by the U.S. and NATO allies or be backed by cyberattacks that target Ukraine or its allies.
In case anyone doubts that Russia is the epicenter of ransomware operations, follow the money, as Chainalysis finds that "roughly 74% of ransomware revenue in 2021 - over $400 million worth of cryptocurrency - went to strains we can say are highly likely to be affiliated with Russia in some way."