As security professionals we’re used to dealing with unknowns and unpredictability. We understand that it’s impossible to always know what’s around the corner. It’s not just about external threats and the big breaches splashed across the news headlines.
On one hand, we’re combating threat actors attempting to steal information, money or simply trying to cause havoc. On the other, we’re trying to better understand employee behavior amidst the myriad of applications they use on a daily basis; always vigilant for any suspicious activity. And while it certainly makes our jobs interesting, unpredictability runs contrary to how the organisations we protect prefer to operate.
Read more…
Source: Rapid7
Related:
- Biden now wants to toughen up chemical sector’s cybersecurity
October 27, 2022
The White House is adding the chemical sector to a program launched last year to improve cybersecurity capabilities within America’s critical infrastructure industries. The addition makes chemical facilities and manufacturers the fourth sector under the Biden Administration’s Industrial Control Systems (ICS) Cybersecurity Initiative, which rolled out in July 2021 following the ransomware attack on Colonial Pipeline ...
- Attack Surface Management 2022 Midyear Review – Part 2
October 27, 2022
The cybersecurity landscape changed significantly in the first half of 2022. In our midyear roundup, Trend Micro researchers examine these changes and their effects on business operations as well as what you need to know about staying protected from online attacks. In part one of the series, Trend Micro researchers talked about the growing attack surface ...
- DHS Announces New Cybersecurity Performance Goals for Critical Infrastructure
October 27, 2022
WASHINGTON – Today, the Department of Homeland Security released the Cybersecurity Performance Goals (CPGs), voluntary practices that outline the highest-priority baseline measures businesses and critical infrastructure owners of all sizes can take to protect themselves against cyber threats. The CPGs were developed by DHS, through the Cybersecurity and Infrastructure Security Agency (CISA), at the direction of ...
- DARPA’s CASTLE to Fortify Computer Networks
October 24, 2022
An ever-expanding cyber-attack surface, infrequent computer vulnerability scans, and burdensome security procedures create a seemingly lopsided battle when it comes to defending critical computing assets. Couple those factors with costly cybersecurity assessments that often lack actionable feedback, and the odds may appear to favor bad actors. DARPA intends to change that dynamic through a new program ...
- Attack Surface Management 2022 Midyear Review – Part 1
October 20, 2022
The digital age is an exciting time for businesses as it offers the opportunity to be more efficient and effective with how things are done. Many companies have taken this opportunity by adopting new technologies that allow them not only to improve their operations but also to create a better culture within those organizations. However, the ...
- CISA Releases Three Industrial Control Systems Advisories
October 20, 2022
CISA has released three (3) Industrial Control Systems (ICS) advisories on October 20, 2022. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisories for technical details and mitigations: ICSA-22-293-01 Bentley Systems MicroStation Connect ICSMA-21-294-01 B Braun Infusomat Space Large Volume Pump ...

