Fresh Thinking for the Modern CISO
powered by Kudelski Security-
5 Minutes with Ernie Anderson – The Importance of a Deputy CISO
Ernie Anderson, Head of Professional Services at Kudelski Security, knows a thing or two about enabling the CISO to fulfil their mission. Being one of the most difficult jobs in the cybersecurity industry, a CISO needs lieutenants to have an effective security team. With lack of funding in companies’ security programs and rampant attacks around…
Read More >> -
Microsoft Warns Azure Customers of a Vulnerability in the Azure Container Instances (ACI) Service that Could Expose their Data
Microsoft recently reported that they have mitigated a vulnerability that was reported in July by security researchers from Palo Alto. This vulnerability impacts the Azure Container Instances feature that allows azure users to deploy containers without the need for Kubernetes or some sort of Linux VM running the docker software to host the container. It…
Read More >> -
The Anatomy of an IT/OT Cyber Attack
The convergence of IT/OT is upon us, bringing new challenges for both the IT and OT units to navigate. Traditionally, operational technology has been managed by site engineers with a focus on reliability and safety. But now, as OT systems are becoming more connected, it’s imperative that these two worlds begin to operate as one….
Read More >> -
Today’s Ransomware Threat: Why It’s So Severe… And Only Getting Worse
The ransomware threat is nothing new. Though it really got going around the mid-2010s, cyberattacks in which malicious actors encrypt files and demand payment to render them accessible again have been launched for over thirty years. Recently, however, the nature of the battle against ransomware has changed: defenders must contend with greater attack volumes, higher…
Read More >> -
Anticipating Issues With Automation Impact Audits
The promise of automation is doing more with less, freeing people from repetitive tasks allowing focus on more interesting activities. This claim makes for a great tagline but can fall short in implementation. Automation doesn’t have to include complicated machine learning or deep learning. It could be a simple script. Automation is far from a…
Read More >> -
Preparing For New AI Regulations
Until recently, the regulation of AI was left up to the organizations developing the technology, allowing these organizations to apply their own judgment and ethical guidelines to the products and services they create. Although this is still widely true, it may be about to change. New regulations are on the horizon, and some already signed…
Read More >> -
Defending Against Cyberattacks in the Increasingly Vulnerable Manufacturing Industry
As manufacturing relies more and more on remote access and automation, cyber hygiene continues to be one of the top challenges in securing manufacturers across the nation. In light of several major supply chain disruptions across manufacturing sectors, the Biden Administration recently announced the creation of a Supply Chain Disruptions Task Force to strengthen critical supply chains…
Read More >> -
Security Advisory: Kaseya VSA Supply Chain Compromise Used to Execute REvil Ransomware
SUMMARY On July 2nd, a large-scale supply chain attack operation by the REvil ransomware group affected multiple I.T Managed Service Providers (MSPs) and leveraged the I.T MSP’s Kaseya VSA instances to infect the MSP’s clients. As of this writing the attack campaign has affected 60 I.T MSPs and over 1500 end clients. The attack was…
Read More >>