Fresh Thinking for the Modern CISO

powered by Kudelski Security
  • More than ChatGPT

    More than ChatGPT: Privacy and Confidentiality in the Age of LLMs

    Much has been made about the privacy and confidentiality issues with ChatGPT. Just take a look at the press for a list of companies prohibiting ChatGPT usage by their employees, but I’d argue there’s an equally if not far more concerning issue impacting privacy and confidentiality beyond ChatGPT, and that’s individual experimenters distributed across organizations….

  • MDR Threat Navigator

    What You Can’t See: Visualizing and Addressing MITRE ATT&CK Coverage Gaps with Threat Navigator

    In this blog post, Marie Singleton and Pascal Reymond outline the onboarding process and core ideas behind Threat Navigator, Kudelski Security’s technology that enables clients to understand, visualize – and remediate – their security visibility & threat detection gaps. Delivered as standard for all clients of our Managed Detection and Response platform, Threat Navigator aligns…

  • Basic Guide to Cyber Threat Intelligence: What It Is and Why Your Business Needs It

    A Basic Guide to Cyber Threat Intelligence: What It Is and Why Your Business Needs It

    Cyber threat intelligence programs play a foundational role in protecting modern enterprises from cyberattacks, informing security priorities, data collection, and decision-making. This blog introduces some of the key concepts and how to get started with cyber threat intelligence.  What is cyber threat intelligence?   Cyber threat intelligence is the process of collecting, processing and analyzing information…

  • ChatGPT

    Misconceptions and Realities of ChatGPT and Cybersecurity

    Headlines about ChatGPT and the updated GPT-4 are everywhere. Even with new updates, these models still hallucinate, and unfortunately, so do people writing articles about this technology. There is quite a bit of circular reporting on this topic especially related to software development and security. I’ve seen outrageous claims about these tools that are more…

  • An Eight-Step Guide to Managing a Cyber-Attack for the First Time.

    “I’m a New Security Leader and My Business Has Been Breached. What Next?” An Eight-Step Guide to Managing a Cyber-Attack for the First Time.

    It comes as no surprise to anyone who follows industry news that reports of cybercrime are increasing. While no security leader ever gets ‘used’ to being breached, the first time it happens is especially daunting. This is a guide put together for new security leaders, based on discussions with our Incident Response team and CISOs…

  • 2023 Cybersecurity Predictions

    Our top cybersecurity predictions for 2023

    It’s the time of year when the industry begins making its top cybersecurity predictions for the year ahead. Gartner, among others, recently released their top 8 cybersecurity predictions for 2023, writing that supply chain and geopolitical issues will continue to dominate cybersecurity. In this article, our team looks into the proverbial crystal ball to share…

  • 6 Key Considerations for Good Insider Risk Management

    6 Steps to Effective Data Security

    In this blog post, we’ll identify where today’s data security programs often fail and look at six steps to effective data security. These cover everything from product definition, minimal viable discovery, and services, to telemetrics, metrics as well as threat detection and response capabilities. If you’ve ever asked the question: ‘How can my company reduce…

  • Cyber Risk

    Getting Started with Cyber Risk Quantification and Decisioning

    Over the last few years, there has been increasing interest by CISOs and business leaders in cybersecurity risk quantification. Many of the CISOs we are working with are keen to connect security risk to the language of business. In this article, Graeme Payne reviews how cyber risk quantification and decisioning can be used to communicate…