Fresh Thinking for the Modern CISO

powered by Kudelski Security
  • Part 2 – Make the Shift: A Cohesive Approach to Incident Response is Mission-Critical

    In the first of this two-part series, Olivier Spielmann VP of managed security services EMEA at Kudelski Security discussed the factors that drive the need for a more comprehensive approach to Incident Response. The question of how to prevent cybersecurity attacks is never straightforward, but as cyber security attacks increase – especially over the festive…

    Read More >>
  • Part 1 – Make the Shift: A Cohesive Approach to Incident Response is Mission-Critical

    In this two-part series, Olivier Spielmann, VP managed security services EMEA at Kudelski Security discusses why incident response needs to widen its scope and what every security leader can do to make it happen. Despite the recent good news about the U.S. F.B.I.’s takedown of the REvil ransomware group, whose associates were likely responsible for…

    Read More >>
  • CredManifest: Azure AD Information Disclosure Leading to Privilege Escalation & Free Tool Released

    Summary On November 17th, 2021 Microsoft disclosed the existence of a high severity information disclosure vulnerability impacting Azure Active Directory (Azure AD) that could allow authenticated Azure AD user to escalate their privileges. Azure AD is Microsoft’s Identity and Access Management system used by Azure Cloud and Office 365. The vulnerability, dubbed “CredManifest” (CVE-2021-42306) existed…

    Read More >>
  • From Theory to Practice: How to Get Started with Red Teaming

    It seems like everyone is talking about red teaming these days, and for good reason. Red teaming can be an incredibly useful exercise for organizations looking to test their threat detection and response capabilities as well as their maturity as whole. It’s an evolution of the traditional network pentest, but there are key differences in…

    Read More >>
  • Defending Against Cyberattacks in the Increasingly Vulnerable Manufacturing Industry

    As manufacturing relies more and more on remote access and automation, cyber hygiene continues to be one of the top challenges in securing manufacturers across the nation. In light of several major supply chain disruptions across manufacturing sectors, the Biden Administration recently announced the creation of a Supply Chain Disruptions Task Force to strengthen critical supply chains…

    Read More >>
  • Attack Surface Reduction: Transforming Discovery and Vulnerability Management for a New Era

    In this two-minute read, Zach outlines three simple things that CISOs and security leaders can do to reduce the modern enterprise attack surface: discovery, contextualization, response. You can’t secure what you don’t know exists; you can’t hide what you don’t know is exposed. John Binns, the self-professed perpetrator of this summer’s T-Mobile breach, reminded us…

    Read More >>
  • OT: The Time for Remote Access Security is Now

    Critical infrastructure systems are becoming increasingly connected to traditional IT systems, and as a result, are increasingly targeted. Critical infrastructure systems are becoming increasingly connected to traditional IT systems, and as a result, are being increasingly targeted. A Siemens study found that 56 percent of the world’s gas, wind, water and solar utilities experienced at least one…

    Read More >>
  • Bridging the AI Security Divide

    If you are reading this post, then there’s a good chance you understand the need for security surrounding AI systems. As more and more development teams look at ways to increase the intelligence of their applications, the surrounding teams, including security teams, are struggling to keep up with this new paradigm and this trend is only…

    Read More >>