Preparing for Unknown Risks: How to Better Prepare for Risks You Can’t See Yet


As security professionals we’re used to dealing with unknowns and unpredictability. We understand that it’s impossible to always know what’s around the corner. It’s not just about external threats and the big breaches splashed across the news headlines.

On one hand, we’re combating threat actors attempting to steal information, money or simply trying to cause havoc. On the other, we’re trying to better understand employee behavior amidst the myriad of applications they use on a daily basis; always vigilant for any suspicious activity. And while it certainly makes our jobs interesting, unpredictability runs contrary to how the organisations we protect prefer to operate.

Read more…
Source: Rapid7


Sign up for our Newsletter


Related:

  • Ripple20 Vulnerability Mitigation Best Practices

    June 22, 2020

    On June 16th, the Department of Homeland Security and CISA ICS-CERT issued a critical security advisory warning covering multiple newly discovered vulnerabilities affecting Internet-connected devices manufactured by multiple vendors. This set of 19 vulnerabilities in a low-level TCP/IP software library developed by Treck has been dubbed “Ripple20” by researchers from JSOF. A networking stack is a software component that provides ...

  • Factory Security Problems from an IT Perspective (Part 3): Practical approach for stable operation

    June 1, 2020

    This article is the last in a series that discusses the challenges that IT departments face when they are assigned the task of overseeing cybersecurity in factories and implementing measures to overcome these challenges. As explained in the first two articles, a factory network that accounts for diverse conditions and environments requires a well-balanced consideration ...

  • Forward-looking security analysis of smart factories [Part 2] Security risks of industrial application stores

    May 26, 2020

    On May 11, 2020, Trend Micro released a paper showing the results of proof-of-concept research on new security risks associated with smart factories. In this series of 5 columns, based on the results of this research, we will look at the security risks to be aware of when promoting smart factories by examining overlooked attack ...

  • Factory Security Problems from an IT Perspective (Part 2): People, processes, and technology

    May 26, 2020

    This article is the second in a series that discusses the challenges that IT departments face when they are assigned the task of overseeing cybersecurity in factories and implementing measures to overcome these challenges. Before beginning to consider countermeasures, in the first article we explained the source of the challenges while focusing on the differences ...

  • UK: £1m innovation funding to predict and counter cyber attacks

    April 27, 2020

    The Defence and Security Accelerator (DASA) can today announce nearly £1m to further develop technology that predicts and counters cyber-attacks. Three lead organisations, in collaboration with three additional organisations, have been awarded funding in Phase 2 of the DASA ‘Predictive Cyber Analytics’ competition. This work will develop, adapt and merge the novel approaches explored in Phase 1 ...

  • Many problems with cyber security of Schipihol’s border control: Court of Audit

    April 20, 2020

    Schiphol is very vulnerable to cyber attacks, the Court of Audit concluded after investigating the cyber security of the border control systems the Koninklijke Marechaussee uses at the airport. Two of the three systems are not properly protected against cyber attacks, NOS reports. Systems at Schiphol are hardly ever tested for how well they can stand ...