Preparing for Unknown Risks: How to Better Prepare for Risks You Can’t See Yet


As security professionals we’re used to dealing with unknowns and unpredictability. We understand that it’s impossible to always know what’s around the corner. It’s not just about external threats and the big breaches splashed across the news headlines.

On one hand, we’re combating threat actors attempting to steal information, money or simply trying to cause havoc. On the other, we’re trying to better understand employee behavior amidst the myriad of applications they use on a daily basis; always vigilant for any suspicious activity. And while it certainly makes our jobs interesting, unpredictability runs contrary to how the organisations we protect prefer to operate.

Read more…
Source: Rapid7


Sign up for our Newsletter


Related:

  • The Next Disruptive ICS Attacker: A Disgruntled Insider?

    August 4, 2021

    Often, the most critical threats come from within an organization itself. This is true for all sectors, but it is especially true for industrial control systems (ICS). Technicians in these environments already have access to plant controls and may have the deep knowledge of industrial processes needed to achieve specific goals. The damage caused by ...

  • The Pentagon says its new AI can see events ‘days in advance’

    August 4, 2021

    The US military is testing the use of cutting-edge data gathering tools combined with artificial intelligence to predict enemies’ next moves with up to days of advance. Speaking at a press conference, the commander of the US Northern Command (NORTHCOM) Glen VanHerck revealed that trials have been on-going to improve the military’s use of data when ...

  • NSA, CISA release Kubernetes Hardening Guidance

    August 3, 2021

    FORT MEADE, Md. – The National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) released a Cybersecurity Technical Report, “Kubernetes Hardening Guidance,” today. This report details threats to Kubernetes environments and provides configuration guidance to minimize risk. Kubernetes is an open source system that automates the deployment, scaling, and management of applications run ...

  • NSA Issues Guidance on Securing Wireless Devices in Public Settings

    July 29, 2021

    FORT MEADE, Md. – NSA released the Cybersecurity Information Sheet, “Securing Wireless Devices in Public Settings” today to help National Security System (NSS), Department of Defense (DoD), and Defense Industrial Base (DIB) teleworkers identify potential threats and minimize risks to their wireless devices and data. Cyber actors can compromise devices over Bluetooth, public Wi-Fi, and Near-Field ...

  • Risks in Telecommunications IT

    July 29, 2021

    Telecommunications is just one aspect of a 200-year-old field of research in IT. In our latest report, “Islands of Telecoms: Risks in IT,” we liken this field to what seems to be separate islands that are in fact connected by a larger landmass underneath an ocean of IT. Indeed, the features of telecommunications might seem ...

  • Biden pushes for stronger cybersecurity in critical infrastructure, wants companies to do more

    July 28, 2021

    President Joe Biden will sign a national security memorandum on Wednesday that aims to strengthen cybersecurity for critical infrastructure, as concern mounts about the vulnerability of the U.S. in the wake of a series of recent ransomware attacks. The memo will include directives for federal departments, while the administration is also calling for tougher action from ...