Preparing for Unknown Risks: How to Better Prepare for Risks You Can’t See Yet


As security professionals we’re used to dealing with unknowns and unpredictability. We understand that it’s impossible to always know what’s around the corner. It’s not just about external threats and the big breaches splashed across the news headlines.

On one hand, we’re combating threat actors attempting to steal information, money or simply trying to cause havoc. On the other, we’re trying to better understand employee behavior amidst the myriad of applications they use on a daily basis; always vigilant for any suspicious activity. And while it certainly makes our jobs interesting, unpredictability runs contrary to how the organisations we protect prefer to operate.

Read more…
Source: Rapid7


Sign up for our Newsletter


Related:

  • Tips to avoid the new wave of ransomware attacks

    May 10, 2021

    There have been a lot of changes in ransomware over time. We want to help you protect your organization from this growing attack trend. The Colonial Pipeline ransomware attack is just part of a new onslaught of ransomware attacks that malicious actors are ramping up against high value victims. Why are we seeing this? These malicious actors ...

  • Biden Administration Drafting EO to Help U.S. Government Secure Digital Supply Chain

    May 3, 2021

    Biden Administration Drafting EO to Help U.S. Gov’t Secure Digital Supply Chain The Biden administration said it’s drafting an executive order to help the United States government better defend itself against digital supply chain attacks. A Step Up for Federal Procurement According to NPR, the executive order that’s being drafted will include several initiatives designed to strengthen the ...

  • The Winds of Change – What SolarWinds Teaches Us

    April 25, 2021

    In the wake of the discovery of the breach, national security agencies such as the NCSC were prompt in providing advice and guidance. Using tools such as the Cyber Information Sharing Programme (CiSP), they shared technical information on how to assess if an organization was at risk and what actions they should take if they ...

  • Ransomware’s perfect target: Why shipping and logistics industry needs to improve cybersecurity, before it’s too late

    April 23, 2021

    Ransomware attacks against the shipping and logistics industry have tripled in the past year, as cyber criminals target the global supply chain in an effort to make money from ransom payments. Analysis by cybersecurity company BlueVoyant found that ransomware attacks are increasingly targeting shipping and logistics firms at a time when the global COVID-19 pandemic means ...

  • Verification and Zero Trust: I Hear You Knocking But Can I Let You In?

    April 21, 2021

    One of the biggest problems with digital communication is the illusion that it has taken place with the correct person. Symantec, as a division of Broadcom, believes digital communications are based on trust. Applications trust that the person requesting access or giving commands is actually authorized to do so, but that isn’t always the case. ...

  • White House: Here’s what we’ve learned from tackling the SolarWinds and Microsoft Exchange Server cyber incidents

    April 21, 2021

    Lessons learned from responses to the SolarWinds and Microsoft Exchange cyber incidents will be used to coordinate action against future cybersecurity and hacking incidents, the White House has said. Both incidents required the United States to react to cyberattacks by nation-state hacking operations affecting thousands of organisations across the country – Russian intelligence compromised SolarWinds in ...