Fresh Thinking for the Modern CISO
powered by Kudelski Security
The Future of Security Leadership
The role of the CISO is changing. What makes a good security leader depends on a number of ever-changing factors. Jason Hicks, Global CISO at Kudelski Security, recently joined the UberKnowledge podcast to talk about the future of security leadership. He covers the...
read more
Challenges of a New CISO: The First Year
The first year as a new CISO can be exhilarating and at times downright frightening. You have a lot to prove and minds to win over, but you also have the opportunity to start fresh and make a big impact. Early on, the emphasis is on learning the lay of the land of...
read more
Microsoft Passwordless Authentication 101
Passwords have long been a daily part of our lives, but in today's modern, cloud-first world the use of passwords alone leaves us increasingly more vulnerable to compromise. Large-scale data breaches are being reported more and more frequently in the media with more...
read more
You Suck at Office 365 Logging
One of the misconceptions about cloud services is that you have to surrender all control when you sign-up. While it is true that you may no longer have racks of servers with blinking lights humming away in your data center, it doesn’t mean that you no longer have any...
read more
Tips From Over A Decade of Working Remotely
The presence of COVID-19 has led to some unprecedented times. With a large portion of the workforce now working from home, there are numerous security implications that arise. Our previous post is an extensive FAQ that covers everything you need to know about the...
read more
Microsoft Type 1 Font Parsing Critical 0-Day Remote Code Execution Vulnerabilities
Summary On March 23rd, 2020 Microsoft publicly disclosed the existence of two critical 0-Day vulnerabilities in all recent versions of the Microsoft Windows operating system. Microsoft is aware of limited targeted attacks that leverage these 0-Day vulnerabilities and...
read more
Cybersecurity Concerns with COVID-19
We are having increasing numbers of conversations with clients about cybersecurity and business continuity challenges resulting from the rapid adoption of work-from-home scenarios to combat the spread of COVID-19. Clients are interested in cybersecurity policy updates...
read more
Security Advisory: Microsoft Server Message Block 3 (SMBv3) Remote Code Execution Vulnerability
Updated on March 12th, 2020: to reflect that Microsoft has now made a patch for the vulnerability available. As such, we’ve updated the advisory reflects updated mitigations. Summary On March 10th, a critical Remote Code Execution (RCE)...
read more