Preparing for Unknown Risks: How to Better Prepare for Risks You Can’t See Yet


As security professionals we’re used to dealing with unknowns and unpredictability. We understand that it’s impossible to always know what’s around the corner. It’s not just about external threats and the big breaches splashed across the news headlines.

On one hand, we’re combating threat actors attempting to steal information, money or simply trying to cause havoc. On the other, we’re trying to better understand employee behavior amidst the myriad of applications they use on a daily basis; always vigilant for any suspicious activity. And while it certainly makes our jobs interesting, unpredictability runs contrary to how the organisations we protect prefer to operate.

Read more…
Source: Rapid7


Sign up for our Newsletter


Related:

  • Android zero-day vulnerabilities actively abused – update as soon as you can

    March 5, 2025

    Google has issued updates to fix 43 vulnerabilities in Android, including two zero-days that are being actively exploited in targeted attacks. The updates are available for Android 12, 12L, 13, 14, and 15. Android vendors are notified of all issues at least a month before publication, however, this doesn’t always mean that the patches are available ...

  • UK: 60% of NHS staff want more cyber security training

    March 4, 2025

    Research from BT found that 94% of NHS staff understand their role in protecting the organisation from cyber attacks, yet only 36% believe current measures are sufficient. The independent online survey of 76 NHS staff at 59 NHS organisations and integrated care systems, carried out between 8 September 2024 and 16 September 2024, explored sentiment around ...

  • Critical Zero-day Vulnerabilities in VMware ESXi, Workstation, and Fusion

    March 4, 2025

    Broadcom has addressed three exploited vulnerabilities that, when chained, can allow an attacker to access the hypervisor through a running virtual machine. VMware’s official advisory does not include all affected product versions. VMware’s official advisory VMSA-2025-0004 includes a Response Matrix detailing the fixed releases for each product. VMware have also released an FAQ detailing the following: You are ...

  • Philippines: 5.4M cyber attacks against government agencies deterred in 2024

    March 1, 2025

    The Department of Information and Communications Technology (DICT) was able to prevent over 5 million attempts to compromise the cybersecurity of several government agencies last year. “In 2024, the DICT automatically deterred approximately 5.4 million malicious attempts against 32 government agencies connected to our national security operations,” DICT Undersecretary for Cybersecurity Jeffrey Ian Dy said at ...

  • Cybersecurity and the Role of Trusted TOS Providers

    February 28, 2025

    In an era where digital transformation is reshaping the maritime industry, cybersecurity has emerged as a critical concern for port and terminal operators. The adoption of a Terminal Operating System (TOS) is a significant step towards embracing this digital revolution, but it is essential to navigate this landscape with caution and confidence. This article explores the ...

  • Uncovering and Protecting Sensitive Data Across Cloud Environments with Exposure Command

    February 28, 2025

    Modern organizations grapple with the complex task of securing sensitive data in sprawling hybrid and multi-cloud environments. Due to insufficient visibility and governance, data is often misplaced, duplicated, or left exposed. This fragmented environment makes it difficult for teams to accurately assess data exposure risks, comply with stringent privacy regulations, and continuously track sensitive data ...