Fresh Thinking for the Modern CISO

powered by Kudelski Security
  • 2023 Cybersecurity Predictions

    Our top cybersecurity predictions for 2023

    It’s the time of year when the industry begins making its top cybersecurity predictions for the year ahead. Gartner, among others, recently released their top 8 cybersecurity predictions for 2023, writing that supply chain and geopolitical issues will continue to dominate cybersecurity. In this article, our team looks into the proverbial crystal ball to share…

  • 6 Key Considerations for Good Insider Risk Management

    6 Steps to Effective Data Security

    In this blog post, we’ll identify where today’s data security programs often fail and look at six steps to effective data security. These cover everything from product definition, minimal viable discovery, and services to telemetrics and metrics, as well as threat detection and response capabilities. If you’ve ever asked the question: ‘How can my company reduce…

  • Cyber Risk

    Getting Started with Cyber Risk Quantification and Decisioning

    Over the last few years, there has been increasing interest by CISOs and business leaders in cybersecurity risk quantification. Many of the CISOs we are working with are keen to connect security risk to the language of business. In this article, Graeme Payne reviews how cyber risk quantification and decisioning can be used to communicate…

  • 15 Practical Tips for More Effective Cybersecurity Incident Response


    Building an effective cyber incident response plan requires more than having the right tools in place or engaging the right cyber incident response services. As a security leader, you’re responsible for building the right security foundation and fostering a culture of teamwork and open dialogue during a crisis. Summarizing a recent webinar, this article will…

  • MITRE ATT&CK & D3FEND: Step-by-Step Guide to Closing Security Visibility Gaps

    In this article, summarized from a recent managed detection and response webinar, we’ll explain what MITRE D3FEND is, how it complements the MITRE ATT&CK framework, and how you can use it to identify and close gaps in security visibility. It’s no secret that cybercrime is on the rise, with attacks happening more frequently and for…

  • What’s Next in Cybersecurity: Predictions from Andrew Howard

    Every year, the cybersecurity sector publishes articles on what we can expect to see in the course of the year. This article, originally published in InfoSec on August 8, 2022 by Ali Hadley, looks at the predictions Kudelski Security CEO Andrew Howard made at the beginning of 2022 in a podcast with Infosec. As we…

  • Can Zero Trust be a business enabler? It’s all about perception.

    It was back in 2017 that the Economist predicted data would replace crude oil as the world’s most valuable resource and that there would be a new “asset-light” economy built on digital rather than physical infrastructures. In hindsight, we could say, yes, of course that’s the case. We know the value of data and those…

  • BIG-IP iControl REST API Authentication Bypass

    Credit: Yann Lehmann

    iControl REST is an evolution of the F5 iControl framework. Leveraging this Representational State Transfer (REST) API, an authenticated user can accomplish anything that can be accomplished from the F5 BIG-IP command line. It is an extremely powerful API. On May 04, 2022, F5 disclosed a critical CVE, CVE-2022-1388. It may allow an…
