Preparing for Unknown Risks: How to Better Prepare for Risks You Can’t See Yet


As security professionals we’re used to dealing with unknowns and unpredictability. We understand that it’s impossible to always know what’s around the corner. It’s not just about external threats and the big breaches splashed across the news headlines.

On one hand, we’re combating threat actors attempting to steal information, money or simply trying to cause havoc. On the other, we’re trying to better understand employee behavior amidst the myriad of applications they use on a daily basis; always vigilant for any suspicious activity. And while it certainly makes our jobs interesting, unpredictability runs contrary to how the organisations we protect prefer to operate.

Read more…
Source: Rapid7


Sign up for our Newsletter


Related:

  • The race towards renewable energy is creating new cybersecurity risks

    January 14, 2022

    The renewable energy industry is becoming more important as countries attempt to move away from fossil fuels, but the continued growth of the sector must be managed with cybersecurity in mind, or there’s the danger that vulnerabilities in everything from power plants down to smart meters could leave energy providers and their customers open to ...

  • Cyberattack shuts down Albuquerque schools; county copes with ransomware incident

    January 13, 2022

    School officials in Albuquerque, New Mexico have cancelled classes for Thursday and Friday due to a cyberattack. The shutdown took place just days after a ransomware attack hit government services across Bernalillo County. In a statement posted to the Albuquerque Public Schools (APS) website, officials said schools will remain closed “as the district continues to investigate ...

  • How to achieve the Interoperability of EU Risk Management Frameworks

    January 13, 2022

    The report (Interoperable EU Risk Management Framework) published today is primarily designed to assess the existing risk management frameworks and methodologies in order to identify those with the most prominent interoperable features. What is security risk management? Information security risk management consists of the coordinated activities of an organisation in order to control information security risks. These ...

  • How to Make API Security an Integral Part of Your Application Security Strategy

    January 12, 2022

    The farther your organization travels down the digital transformation path, the more critical API protection is to your overall security posture. Every day, your development teams are innovating; they rely more on microservices to save time and money as they automate business-to-business processes and provide a back-end for mobile applications. APIs are the cornerstone of ...

  • Maryland officials confirm ransomware attack shut down Department of Health

    January 12, 2022

    Maryland officials confirmed on Wednesday that state’s Department of Health is dealing with a devastating ransomware attack, which has left hospitals struggling amid a surge of COVID-19 cases. In a statement released on Wednesday, Maryland Chief Information Security Officer Chip Stewart said the attack began on December 4 and crippled their systems. “We have paid no extortion ...

  • Understanding and Mitigating Russian State-Sponsored Cyber Threats to U.S. Critical Infrastructure

    January 11, 2022

    This joint Cybersecurity Advisory (CSA)—authored by the Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), and National Security Agency (NSA)—is part of our continuing cybersecurity mission to warn organizations of cyber threats and help the cybersecurity community reduce the risk presented by these threats. This CSA provides an overview of Russian state-sponsored ...