Preparing for Unknown Risks: How to Better Prepare for Risks You Can’t See Yet


As security professionals we’re used to dealing with unknowns and unpredictability. We understand that it’s impossible to always know what’s around the corner. It’s not just about external threats and the big breaches splashed across the news headlines.

On one hand, we’re combating threat actors attempting to steal information, money or simply trying to cause havoc. On the other, we’re trying to better understand employee behavior amidst the myriad of applications they use on a daily basis; always vigilant for any suspicious activity. And while it certainly makes our jobs interesting, unpredictability runs contrary to how the organisations we protect prefer to operate.

Read more…
Source: Rapid7


Sign up for our Newsletter


Related:

  • NATO Exercises to Enhance its Cyber Resilience

    November 20, 2023

    Cyber Coalition, one of the world’s largest cyber defence exercise, aims to enhance NATO, Allies and partners’ ability to defend their networks and operate together in cyberspace. The Exercise provides a unique platform for collaboration, experience-sharing, best practices and experimentation. By working together, the individual participants, as well as their organisations, nations and NATO, enhance their ...

  • K-12 schools improve protection against online attacks, but many are vulnerable to ransomware gangs

    November 19, 2023

    Some K-12 public schools are racing to improve protection against the threat of online attacks, but lax cybersecurity means thousands of others are vulnerable to ransomware gangs that can steal confidential data and disrupt operations. Since a White House conference in August on ransomware threats, dozens of school districts have signed up for free cybersecurity services, ...

  • ‘I employ a lot of hackers’: how a stock exchange chief deters cyber-attacks

    November 18, 2023

    Six Group counts its profit in millions, but the financial pipework it controls moves billions. Its operations, which include the Spanish and Swiss stock exchanges, count as critical national infrastructure and this gives it a close relationship with governments and regulators in Madrid and Zurich. Those relationships are critical in an age where digital warfare makes ...

  • Scattered Spider

    November 16, 2023

    The Federal Bureau of Investigation (FBI) and Cybersecurity and Infrastructure Security Agency (CISA) are releasing this joint Cybersecurity Advisory (CSA) in response to recent activity by Scattered Spider threat actors against the commercial facilities sectors and subsectors. This advisory provides tactics, techniques, and procedures (TTPs) obtained through FBI investigations as recently as November 2023. Scattered Spider ...

  • Enhancing Computer Security for Nuclear Safety and Security

    November 16, 2023

    Nuclear safety and nuclear security share the same objective and vision: to protect individuals, societies and the environment from the potential harmful effects of ionizing radiation. Though the activities that address nuclear safety and nuclear security are different, it is essential to establish a well-coordinated approach to managing their interface. It is important to ensure that ...

  • Update now! Microsoft patches 3 actively exploited zero-days

    November 15, 2023

    Another important update round for this month’s Patch Tuesday. Microsoft has patched a total of 63 vulnerabilities in its operating systems. Five of these vulnerabilities qualify as zero-days, with three listed as being actively exploited. Microsoft considers a vulnerability to be a zero-day if it is publicly disclosed or actively exploited with no official fix available. ...